Basic information
Synopsis
About the author
Michael Calce gained notoriety as the hacker Mafiaboy. He now uses his knowledge to help people and businesses protect themselves online.
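Book review: How Dark Is a Hacker?
I finished reading Mafiaboy over four consecutive evenings. It is an autobiographical work by the young Canadian Michael Calce (co-written with author and journalist Craig Silverman). Mafiaboy was the handle Michael used online in his hacking days.
Remember the famous Kevin Mitnick? In the year he was arrested at age 32 (1995), the World Wide Web, or WWW, had only just been released, so he can only be counted as a hacker of the "pre-WWW" era. With the arrival of the WWW, the network truly began to show its charming face to people of all ages. Some predicted that hackers would get younger, and Michael Calce is a representative case. He was only 15 when he was arrested in 2000 for DoS attacks on well-known sites such as Yahoo!, CNN, Amazon and eBay.
One of my reasons for reading this book was to see how a person turns "dark".
In fact, every "sin" begins quite naturally. When Michael was 6, his divorced father, with whom he lived, gave him a computer as a gift to keep him from being bored, and he was hooked on this toy from then on. Many of the hacker predecessors of that time attacked university and corporate networks mainly to fight for bandwidth (like poor people on bicycles and rich people in cars competing for the road). Remember what the legendary bank robber Willie Sutton said when asked in an interview why he robbed banks: "Because that's where the money is." For the hackers of that time, bandwidth was money.
As Michael's computer skills improved, he wanted recognition from his peers. To get it, he did not hesitate to start "wars", attacking other hackers and their online communities to attract attention. He also went to great pains to choose a good handle. This desire for status and recognition while growing up was another reason he became restless so early.
Certain events in life also become turning points. Nick, Michael's only close friend at school, died in a car accident, which hit him hard, and he chose to avoid school and the classroom. After that, "becoming a hacker" became a feeling he could not shake off (a full-fledged obsession).
He describes his state of mind during his first attack on Yahoo! this way: he just wanted to test whether his method worked, like a child who cannot wait to try a newly bought toy: "I was a kid with a new toy."
His constantly reinforced competitiveness made him unable to stop. When Alpha, a well-known hacker community at the time, formally accepted him, he was filled with a sense of achievement. He liked gangster films, so he gave himself this name: Mafiaboy. To show others that those "amazing" things were his doing, he even asked people online to pick a website, attacked it at once, and then came back online to announce it. The attack on CNN went exactly this way. "Test me. Let me show you what I can do."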
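My other interest in reading this book was to learn how he came to be caught.
By his own account, the main reason was that he loved to show off and could not keep his mouth shut. The FBI's information security people also frequented hacker forums, and some of Mafiaboy's long-winded conversations had already been logged. He also never changed his handle, and some of his online activity left signatures behind. All of this made the later investigation easier. Michael writes: "My sloppy hacking habits, in combination with my big mouth, were starting to help the FBI."
The FBI is no pushover, and they soon narrowed down the target: Montreal, Canada. The FBI and the Canadian police, the RCMP (Royal Canadian Mounted Police), then worked closely together on the trace until they had pinpointed his family's house and begun wiretapping the home phone. After Michael confessed what he had done to his father, his father took him to consult a lawyer, who warned them that the police might already be watching him and even mentioned phone taps. Even so, Mafiaboy still gave himself away on the phone. He was, after all, a child, and he later admitted as much: "My behavior was reckless and stupid."
The book's account of the court trial is also interesting, but for reasons of space and time I will not go into it here. Michael was young, had little prior record, and had a good lawyer, so his sentence was not heavy. In the end he spent 8 months in a youth detention centre, plus one year of probation and a small fine.
After all this, Michael was full of regret. Although his destructive activities had won him fame for a while, they were not constructive and had wasted his time. Facebook founder Mark Zuckerberg also got into trouble at Harvard for hacking the university's computer systems, but fortunately he soon came to his senses and began using his abilities to start a business. Today Facebook is a far-reaching social networking site worth over a hundred million. Examples like this kept Michael reflecting on himself.
Michael later began writing a magazine column on computer security. He has a strong desire for a legitimate career related to computer security. The last part of the book reads like a popular introduction to information security. On personal online security, Michael also offers readers 13 pieces of advice and suggestions.
Michael appeared on the cover of this year's October issue of the Canadian edition of Reader's Digest. The Hour, the well-known late-night talk show on Canada's CBC television, also interviewed Mafiaboy: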
http://www.youtube.com/watch?v=M172NlX3H1Q&feature=player_embedded
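There is one detail in Mafiaboy: in February 2000 the police were already hunting for Mafiaboy, and on the 23rd of that month The Nation magazine published Naomi Klein's open letter to Mafiaboy, an article that greatly interested Michael himself.
At this point my own interest was piqued too.
Two women named Naomi have left a deep impression on me: one is the famous Black model Naomi Campbell (her photos are often seen in fashion stores), and the other is the talented Canadian writer Naomi Klein. As I mentioned in my blog post of December 29, 2007, her book "No Logo" was on my personal top 10 reading list for 2007.
Naomi Klein's open letter to Mafiaboy can still be found online. The article carries through Naomi Klein's anti-brand-supremacy, anti-globalization, anti-neoliberal line of thinking and is vividly written; some passages are worth reading over and over, and it helps a great deal in understanding the hacker phenomenon. The full text is attached below for reference: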
Dear Mafiaboy,
As I write this, the Federal Bureau of Investigation and the Royal Canadian Mounted Police are closing in on your position. Maybe you are already behind bars, imprisoned for crimes against Yahoo. They say you had something to do with the rash of attacks that crippled some of the most powerful commercial sites on the Net this month. They overheard you bragging about your exploits in an online chatroom: "U just pin em so hard they can't even redirect," you wrote, calling yourself "mafiaboy." They're still not sure who you are exactly, but they have a few hunches: You are based in my hometown (Toronto), you are 15 years old and you have a preoccupation with Satanism.
Nice cover. I know better, of course. Like so many who have secretly cheered your exploits (if indeed they are your exploits), I can see through the nihilistic pranksterism to another kind of Mafiaboy. My mythic Mafiaboy isn't a vandal but an anticorporate freedom fighter for the e-commerce age.
But I'm afraid not everyone sees the precision with which you aim your electronic salvos, Mafiaboy. According to Steve Bellovin, an AT&T security guy, "sometimes kids walk down the street snapping car antennas and tires, and sometimes they take out Yahoo and CNN." Yeah, right. And sometimes cream pies are thrown at Joe Blow, and sometimes they hit Bill Gates, Milton Friedman and the CEO of Monsanto. Sometimes bricks fly nowhere in particular, and sometimes they sail through the plate glass windows of Seattle's Niketown and Starbucks during WTO meetings.
They dare to call your methods artless, Mafiaboy. Kevin Mitnick, the infamous hacker just released from four years in federal prison, says you are a "vandal," not a true hacker. And Newsweek says your feats "required the skill of a spitballer." At the risk of sounding like a "hacktivism" groupie, let me just say that some of us were able to decipher your encrypted cri de coeur. We understand that your art is of a more conceptual sort. The hacks harnessed hundreds of outside computers to send millions of messages to specific targets. In an instant, sites like Amazon and Yahoo were flooded with exactly what they all so desperately want: traffic. "Yes, I heard you!" and "I'm here!" the wave of messages screamed. What poetry! What simple elegance! Unlike the philistines at AT&T, I am familiar with the art of jujitsu. I know that, thanks to the web's recent billion-dollar orgy of advertising, we can't watch television, open a magazine, turn on the radio, surf the web or walk down the street without hearing precisely the same message from the dot-coms. "I'm here!" they wail, attempting, with existential angst, to make their artificially inflated brand names into something tangible.
Well, Mafiaboy, you sure told them, the ones who are signing up at Silicon Valley's Money, Meaning & Choices Institute to treat their newly diagnosed "Sudden Wealth Syndrome." "I'm here too," you said. "Listen to me!"
Now they're calling for a million-dollar bounty on your head. In Wired News, a security expert says it is "as if a group of moral-less teenagers...were going around killing small animals with tremendous firepower." Time magazine hints ominously at "some future electronic Pearl Harbor." Wired has declared the arrival of "World War Internet."
I, for one, believe you hack in peace, Mafiaboy. The flood of messages just formed a virtual blockade. Like Critical Mass bike rides, in which hundreds of people on bicycles peddle down the middle of a busy street bringing cars to a standstill, the hacks restricted access to the e-commerce sites simply by taking up space. Besides, the real war on the Internet has already been fought and, for the most part, lost. World War Internet was a virtual coup d'état. The blood started flowing when the dot-coms figured out how to stage the hottest IPOs, and suddenly freedom and interactivity were about our right to have carefully monitored AOL chats about Time Warner movies.
In the New York Times, John Markoff called the hacks "antisocial," but where was this concern for social etiquette when the online retail giant eToys launched the fury of its legal department against the art group site "etoy" — even though etoy had been online since 1995, before eToys even existed? Talk about "killing small animals with tremendous firepower": The Internet is paved with the road kill of groups too poor to fight trademark and libel suits, including Roadkills-R-Us, targeted by you-know-who.
In our culture of instant millionaires, computer hacking has evolved into an extreme job application process: Find a weak point in a system, hack it, then offer up your high-priced security services to fix it. But when somebody comes along who isn't looking to cash in, it messes up the whole scam. Which is why the old-school hackers, their straggly ponytails freshly blow-dried, have been meeting with Bill Clinton and Janet Reno to help them nail you. These hackers claim they are motivated by love. They love technology — they just want it to work properly. But Mafiaboy, I believe you were committing an act of love too: not for the integrity of a particular line of code, but for the Internet in general, as it could have been.
It occurs to me, Mafiaboy, that I may have gotten a bit carried away. Maybe it wasn't you at all who hacked those sites. Maybe it was and you are a fifteen-year-old vandal with a Satanism preoccupation and dreams of your own IPO. But maybe it doesn't even matter, because whether you intended it or not, for a couple of weeks hacking took its place in a wider wave of anticorporate protest. Offline, anti-sweatshop activists are rappelling off the side of Niketown while eco-warriors are pulling up Monsanto's genetically modified crops. And as profit moves online, the hand-to-brand attacks are close behind.
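Background: teenage hacker Mafiaboy arrested in 2000 on suspicion of attacking well-known websites
According to an ABC News report on Tuesday local time, a 15-year-old Canadian boy nicknamed "Mafiaboy" was recently arrested by police, who suspect him of being connected to February's hacker attacks. In those attacks, many well-known websites, including Yahoo, Amazon and eBay, were knocked out for several hours.
ABC reported that the Royal Canadian Mounted Police arrested the teenager in Montreal last weekend and formally charged him on Monday, but because of his age his criminal record will not be made public. The teenager nicknamed "Mafiaboy" is reportedly accused of taking part in at least one attack.
ABC also disclosed that the RCMP would hold a press conference at 10:30 a.m. Eastern Time on Wednesday to announce the arrest. The U.S. Department of Justice and the FBI, which have been investigating the matter, may issue a statement afterwards.
February's "denial of service" attacks shocked the world and caused the victim sites millions of dollars in losses, with e-commerce sites hit hardest. The attackers, from all corners of the globe, attacked the target websites by remote control, clogging them with large volumes of junk data so that legitimate users could not get in.
ABC said investigators picked up Mafiaboy's trail only after examining the log files of a computer at a research lab at the University of California, Santa Barbara.
In addition, network security expert Michael Lyle told ABC in an interview that he had talked with this "Mafiaboy", who admitted that he had attacked not only the CNN.com site on February 8 but also E*TRADE and several other smaller sites.
It was also reported that a user named "Mafiaboy" once had two accounts with the Montreal company Delphi Supernet; in March 1998 the accounts were cancelled because "Mafiaboy" had violated the user rules. Delphi Supernet did not disclose which rules he had broken. (Shao Yan)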
References
http://blog.sina.com.cn/s/blog_4e4cb9a70100g26x.html
http://www.amazon.ca/Mafiaboy-Cracked-Internet-Still-Broken/dp/0670067482