By Roy Mathur, on 2012-04-16, for The Independent Daily, Mauritius (in which an edited version appeared)
If power is knowledge, then raw data is the lifeblood of the world. Just look at the ongoing saga of "Wikileaks" and the victimisation of US solider Bradley Manning and Australian ex-hacker Julian Assange. This week we're looking at hacking, so here's everything you always wanted to know about the dark underbelly of the internet, but were too afraid to ask.
The hacktivism fuelled antics of groups like anonymous and lulsec are now common knowledge, but back when I started in the ICT industry, hacking meant writing computer programs rather than cracking digital security systems.
Today, however, cracking and hacking have become synonymous to the public. The terms "white", "grey", and "black" hat are often used to describe the ethical stance of hackers. White hats are ethical hackers, e.g. internal penetration testers, black hats are unethical and/or criminal hackers, e.g. identity thieves and digital vandals, and grey hats are somewhere in the middle.
This is a natural extension of computer hacking, where a hacker might need either physical access to a computer system, or information that only a user can supply. The hacker will try to fool the user into giving out this information, e.g. by claiming to work for technical support in the user's company. This is a very old technique that, amazingly, still seems to work.
Back in the day, when I was still in short pants and getting beat up in the junior school playground up by nerd hating bullies, there was this thing called phreaking. Made famous by an American university student, who discovered that a toy whistle given away with Captain Crunch breakfast cereal made noises that could control the telephone and assist in making free long distance calls. Over the years phreaking became the collective term for all phone based hacks.
To further belabour the headwear metaphor, much of what I previously explained in this article is old hat. The dark net is far more interesting. By dark net, we are talking about information that is completely unreachable by a normal web browser. These sites use a technique called onion routing to anonymise their content.
What kind of content? Everything from legitimate social reform in countries with repressive regimes to access to illegal goods and services.
Phishing is a sneaky technique, whereby a legitimate web page login screen is replaced by a false page in order to collect user information like logins, passwords, credit card details, etc. Internet scams include e-mail fraud, e.g. the famous Nigerian scam.
Mauritius might have popped out of a volcanic vent millions of years ago, but politically we are part of Africa, which makes every brown, black, yellow, and white Mauritian an African.
Why does this matter? Well, because a number of internet scams such as the above mentioned e-mail scam, as well as the many false eBay bidders originating in African countries, has given the West a disproportionately paranoid impression of doing business with Africans.
For instance, I recently arrived in London and, like most visiting Mauritians, I was eager to do some serious gadget shopping. The first item I tried to buy was a small bare bones computer system from the UK online computer parts vendor Mini-ITX.com. Although I have a UK bank account with a Mauritian address, an e-mail from Mini-ITX.com told me that my transaction was suspicious and I should immediately send a photograph of my passport to verify my identity. When I did this, I received a further e-mail telling me that I had been flagged as a "very high risk" and they were cancelling my transaction!
It is sad, but it seems that credit verification companies do not seem to trust Africans.
I have some homework for you to do this week! I want you to google "tor and dark net". If you are feeling even more ambitious, download the Tor browser and have a go at surfing the dark net.
Take the red pill.
Next week: Piracy.