In crypto when you hear about hackers — it’s usually in a negative light. But hackers are much more than the scammers and coin thieves you see in the crypto media. Hackers are the fixer and solvers that we need to guarantee the success of our products.
We sat down with an anonymous professional hacker to talk about popular misconceptions, weird things to hack and how to get started as a hacker.
What got you into hacking?
“My crime is that of curiosity” is a quote by The Mentor from The Hacker Manifesto written January 8, 1986. This manifesto kick-started what was unknown to me at the time; a lifelong interest in all aspects of technology. Being in the late 1980s at the right place and time, I was an analog child of the digital internet. I remember watching my mother taking apart our televisions and VCRs so she could try to fix the problem herself. My dad’s friends would be in our kitchen fixing his work computer on our kitchen table, trying to salvage the system from the latest commands and mayhem I did to his system (format.exe). All the while, as a curious and interested child, I watched each step, asked the questions to the things I didn’t understand, and secretly tried to recreate the steps I witnessed earlier after everyone was long asleep.
From this curiosity, I became interested in things like editing my name into games which taught me hex editing, writing viruses which led to learning programming languages, and eventually system hacking which brought me to my career today.
“My crime is that of curiosity.” — The Hacker Manifesto
What’s the weirdest thing you’ve heard of being hacked?
John Deere tractors. A few years ago farmers were faced with the harsh reality that they could not perform maintenance and repair on tractors due to firmware lockout controls installed by the manufacturer. American farmers figured out how they could load Ukranian firmware on the tractors, thereby allowing them to make their own repairs. It blows my mind that a profession in a totally different world than Information Security is doing things such as circumventing firmware and manufacturer locks. I’m a big fan of being able to do what you want with hardware that you rightfully own.
What’s the wildest hacking story you have?
I befriended some of the best lock pickers and urban explorers in the world at a hacker convention on the east coast. The convention was being held at a historic hotel in downtown New York which, as rumor had it, was connected to a labyrinth of abandoned subway tunnels, maintenance storage facilities, and homeless encampments. These guys were the best in the world and had tons of tricks, skeleton keys, and ways to get into things I never would have imagined. Doors and locks that looked like they hadn’t been touched in 50 years were quickly defeated. The tension and fear was real, as none of us knew what was around the next dark corner. While it was extremely dangerous, it was also extremely rewarding to experience parts of New York City that other people don’t even realize exist.
Have you ever hacked an electric scooter?
Electric scooters are one of the newest and coolest pieces of hardware out there. While they give us a new option for commuting, they also give us a new option to hack. I did some testing with a personal scooter of mine and found a few vulnerabilities that I thought were concerning. The older versions of some scooters can be connected to remotely without credentials, and sometimes give you the ability to overwrite the various systems and firmwares.
Why do hackers hack?
Hackers hack for a variety of reasons. Some do it for profit, others do it for political hacktivism, and some just enjoy the technical challenge. In my case, I’ve always felt a burning need and desire to understand how systems work. By knowing the rules of the system, I could then figure out how to circumvent those rules or even re-write them to make things do what I want. Some people need to be the smartest person in the room. I need to know how to hack everything in that room.
What’s the biggest misconception about hackers?
The biggest misconception has always been that a hacker is a nerd “sitting on their bed that weighs 400-pounds” watching Star Trek while they try to terrorize your life and data. While some of these things are true, the real hackers originated out of places like the Massachusetts Institute of Technology, UC Berkeley, and various homebrew computer clubs. These hackers were interested in how far they could take a system, and what they could make it so that it hadn’t done prior. The hackers of the late ’80s and early ’90s were testing the limits of the Internet that was permeating our homes and lives. In modern days, hackers take many shapes and forms ranging from the anarcho-capitalist that lives down the street, all the way to super-secret divisions in the Armed Forces that are performing cyber warfare and espionage.
What’s the best career advice you’ve ever received?
“Try Harder”. It’s the mantra of the Offensive Security Certified Professional (OSCP) certification. The OSCP is an intensive penetration testing certification that culminates in a 24-hour hands-on hacking exam. There’s not a lot of hints, and mostly, you are on your own. The “Try Harder” self-serving/self-motivated mentality has helped me get through not only technical problems but life.
Sum up your best tips for future hackers
Question everything and make sure you always keep trying. Perseverance is a key attribute of successful hackers. If you don’t know something, look it up. Find someone who knows it. Download the source code and compile the thing your damn self. Break it and rebuild it. Sometimes you need to hit that wall of exhaustion and caffeine burnout at 3:00 AM before you look at something differently and find the right answer.
My more practical technical advice would be to learn the Python or GO programming languages. I can write HTTP servers to serve exploits quickly, manage listeners for reverse shells, create shellcode for exploits, write my own network scanner, and other things that make my life a lot easier when I’m trying to take over your computer before you have the chance to notice.