Korean Job Discussion Forums

[Real Reality]

Police filed an arrest warrant for a person known by his last name, Kim (26), who works for an Internet travel agency, for hacking employee Internet Messenger conversations and occasionally reporting them to the company head. Kim is charged with obtaining the Messenger conversations of five employees about 60 times from last December till recently through a hacking program, and reporting it to the company head.

Police said, "Kim downloaded a hacking program called RADMIN through a portal site and installed it in the employees� computers around last December and occasionally reported the conversation contents to the company�s executives with the intention of getting the staff, about whom he usually did not have good feelings, fired." As the practice of Internet users giving and receiving short messages by way of Messenger programs becomes wide-spread, cases of hacking into the program to spy on conversations are happening frequently.

According to the Information Protection Law, those that violate other people�s personal information or communication secrets through phone, Internet, or other information communication networks will be sentenced to imprisonment for up to 5 years or a fine of up to W 50 million.
http://english.chosun.com/w21data/html/news/200402/200402180019.html

One Million Mobile Phones Wiretapped
http://times.hankooki.com/lpage/200402/kt2004021722324210440.htm

Phone Record Inquiries Authorized Afterward
Nearly 30 percent of all inquiries on mobile phone calls by the nation's intelligence agencies were made without prior authorization, according to a report submitted to the science and technology committee of the National Assembly by a mobile phone service provider on Wednesday.
http://times.hankooki.com/lpage/nation/200402/kt2004021821543911990.htm

Information Protection Law ?
"imprisonment for up to 5 years or a fine of up to W 50 million"

Well, that article was informative. Now, every aspiring hacker can find a program.
Radmin
Radmin is a remote control program that enables you to work on one or more remote computers from your own. It is a complete remote control solution with all key features such as File Transfer, NT security, Telnet and Multilanguage support included.
http://www.majorgeeks.com/download1927.html

[The Lemon]

There's any number of trojan programs that can be installed on a machine to report on a user's activities, or even allow someone to remotely run it. However, the hard part is installing that program on another's machine. In the case of the guy in the article, he had access to those computers (at least, it seems that way from the article). He didn't "hack" anything.

If your computer is properly secured, and watch what you install, you don't have much to worry about.

*Note: On a related subject, guessing an absurdly obvious password is *not* hacking either, nor is it particularly clever. Nor is it particularly repeatable.

[Hyalucent]

I'm pretty sure I had a voice conversation on MSN Messenger tapped into a couple of years back. I was talking with a friend of mine in Canada when all of a sudden another voice entered the conversation and said, "Blah Blah Blah" in a rather unamused tone.

I spoke to MSN and they said that voice conversations are sometimes carried over phone lines and not just the internet, which makes them easy to access.

[The Lemon]

Hold on a minute. MSN has a PC-to-Phone feature, so if you're calling a regular phone, then yes, it goes over phone lines on a recipient's end - that's what the MSN people are talking about. Someone could pick up another phone in the recipient's house, or use a cordless phone or wiretap, and interfere, just as they could with any other phone call.

But if it's PC-to-PC, then no. It's data when it leaves your computer, data when it arrives at your friends, and data the whole way, even if that data is carried over a phone line modem, or a telco's DSL.

It is technically possible for internet traffic of any kind to be snooped on, but I can't see how it'll be interfered with in a way that someone can go "blah blah blah" into the middle of and in response to a real time MSN voice PC-to-PC conversation.

I'd like to hear a logical explanation to the contrary. "You never know those hackers, they're so smart, they have ways we mortals don't know about...", and "I heard about it on Live at 5", aren't informed responses.

[Hyalucent]

What you're saying sounds right to me. I'm just repeating what the tech person said. Still, the voice was there...

Here's the reply I got (dated Sept. 22, 2001):

[Bulsajo]

Net2Phone is(was?) a service where you called someone's phone using your pc, wasn't it? If so then what you're saying and what Lemon is saying don't conflict.

[Tiger Beer]

Would RADMIN be any different than any 'key logger' program? where they record each keystroke made on your keyboard?

[Hyalucent]

[The Lemon]

No, MSN Messenger voice data never travelled as audio on phone lines and back to data again. Since 2000-2001, back when MSN Messenger's voice service was free for calls to North America, they used Net2Phone only as the last step, from Internet to the North American phone system. Nowadays you pay, and you can use Net2Phone or a menu of similar providers, like Iconnecthere and Telus.

The sound, if it was in fact someone saying "blah blah blah", had nothing to do with MSN, Messenger, or Net2Phone. It was coming from the receiver's end - a wiretap, a cordless phone, another extension in the house, a "bad connection"... all quirks of normal phone calls.

So, bottom line, your MSN service wasn't "hacked". The problem was somewhere in the jurisdiction of Bell Canada or MT&T or NBTel or whatever local phone company your friend used. But I'd say that hacker-hype led you to complain to Microsoft rather than the telco that handled the analog leg of your call.

I should explain why I'm touchy about this - I think the media has overhyped the threat of evil "hackers" to the point where whenever computers crash or freeze or do unpredictable things - which shouldn't be a surprise, as they're complex machines - the uninformed are far too quick to go, "OH MY GOD IT'S HACKERS!!!". Real Reality's misleading and inaccurate title of this thread is a good case in point.

And if it's not "OH MY GOD IT'S HACKERS!!!" it's "OH MY GOD I HAVE A VIRUS!!".

[Real Reality]

Hacking MSN Messenger and More
http://www.hackingsoftware.org/spector_win.asp

SpectorSoft
eBlaster is the ONLY software in the world that will capture their incoming and outgoing email and then IMMEDIATELY forward that email to you.
Spector Pro 5.0
Combine seven recording tools with internet access blocking and intelligent and instant alert notification when content you specify is encountered and you have the most powerful internet monitoring and surveillance software you can buy anywhere.
http://www.spectorsoft.com/

Hacking Software
There are times when it becomes necessary to use hacking software to monitor other people's Internet activities.

If you suspect your spouse is engaged in an inappropriate online relationship, monitoring them is a good solution. Perhaps your concerned about your child's Internet safety. The threat out there to children is real. Monitoring employees with hacking software can also uncover fraudulent actions and computer misuse.
http://www.hackingsoftware.org/

Anti Spy Software
Very often, people abuse spy programs and even use them for illegal activities. Remote installation of spy software is also now possible. If you want to assure your computer activities are private, you need anti spy software.
http://www.anti-spy-software.org/

Once upon a time, there was a world with privacy and anonymity.

The Anonymous Fallacy
http://www.stack.nl/~galactus/remailers/fallacy.html

[The Lemon]

Sorry RR, that's not what "hacking" means. That's overeager marketers exploiting hype surrounding the word to attract the attention of people like you who don't know what it really means.

Installing a program that snoops on your spouse or employee is not hacking. Those programs are like security cameras. Hacking's more like breaking and entering:

Hacking: To use one's skill in computer programming to gain illegal or unauthorized access to a file or network: hacked into the company's intranet.
Source: dictionary.com.

[Hyalucent]

Just pointing out that I used the word "tapped" in my first post.



...moving along quietly now...

[Real Reality]

Lemon,
I like dictionary.com, too.

How about a little more information.

What is hacking?
Hacking is the act of penetrating a closed computer system for the knowledge and information that is contained within. Hacking is intended to free information and expand minds, not to be destructive nor for material gain. Although there is always some debate because of how the term hacker has been both glorified and undermined by common media, but most will say that those who destroy data, hack for money or with illegal intent should be referred to as crackers, not hackers.
http://www.hackers.com/html/hdcfaq.html#008

What is Hacking?
Hacking is an act of penetrating computer systems to gain knowledge about the system and how it works.
http://www.boloji.com/computing/security/020.htm

What is hacking?
"Hacking" is a term that can be applied to either computer software or computer networks.
"Hacking" computer software means altering it so that it achieves an effect not intended by the original writer of the software, and "hacking" a computer network means either attempting to gain or gaining unauthorized access to it, for stealing information and/or resources.
http://www.answerbag.com/q_view.php/1812

What is hacking?
Hacking can be defined as the process of gaining unauthorised access to a computer or computerised system and the information it contains. Both corporate and home users can be at risk of hacking.
http://www.thamesvalley.police.uk/crime-reduction/internet-crime7.htm

A hacker is someone who is able to manipulate the inner workings of computers, information, and technology.

Controversy: The computer-enthusiast community does not like using "hacker" to describe malicious people; they prefer "cracker". The security-community restricts the use of the word "cracker" to some who breaks encryption and copy-protection schemes.

Consequently, a journalist who writes about cybercriminals cannot use either word without hate mail from the opposing community claiming they are using the word incorrectly.
http://www.robertgraham.com/pubs/hacking-dict.html#hacking

cracker: A specific type of hacker who decrypts passwords or breaks software copy protection schemes (creating "crackz"). Also, a generic name used by some to refer to all "malicious" hackers.
Controversy: See the word hacker for a discussion about the way that "cracker" is used in the computer enthusiast community vs. the security community.
http://www.robertgraham.com/pubs/hacking-dict.html#cracker

A Cracker is someone who breaks systems, often without the need for a great deal of knowledge of the systems they are breaking into maybe using a few tools they downloaded. A hacker will not just be interested in the security of a system but also in learning about the system. In this respect a hacker has more in common with a phreaks and radio hams.
http://alt.ph.uk.com/node12.html

History of Hacking
http://www.cnn.com/2001/TECH/internet/11/19/hack.history.idg/

The Complete History of the Internet & Hacking
http://www.wbglinks.net/pages/history

[The Lemon]

Good definitions - and you can see that the author/translator at the Chosun who did that piece misused the "hacker" word. A letter to them is in order!

[Real Reality]

Here is a bonus:

The original hackers were characterized not just by their talent for expanding the limits of technology, but also by an ethic that held that information should be freely available and centralized authority mistrusted. Let's not forget that some of the same people who pioneered artificial intelligence and the personal computer also ushered in phone phreaking, lock hacking, and computer intrusion. Ironically, under the new paradigm, many of the original architects of hacking would be dismissed as "crackers"-- a paradox that leaves "hacker" a word without clear meaning.

The media continues to label "hacker" with its own meaning of "computer criminal." This definition is even more at odds with the original than the squeaky-clean one promoted by the revisionists-- the information that the computer pioneers wanted freed was information about how things work, not people's personal email or credit card numbers. By denying the anarchistic elements of the hacker experience, the old-school hackers may have undermined their efforts to set the record straight-- and lost the war of words.

If you ask me, the original definition of the word is still the best. Hackers are people who are intrinsically interested in how technology works, and striving to make that technology work in new ways. They do not rip-off automatic teller machines. Then again, they don't avidly pore over the Congressional Reporter to avoid running afoul of the latest Get Tough on High Tech Crime law, either.

Hacker Semantics
By Kevin Poulsen
http://www.techtv.com/cybercrime/features/story/0,23008,2000034,00.html