#83 Meet these five child hackers who could become top cyber security researchers

Meet these 5 child geniuses who could be the future of cybersecurity

The cyber security industry is hunting for new talent due to a severe shortfall of skilled professionals in this field and it seems the industry is already getting five child geniuses.

In this article we will see how these five child geniuses got recognition and why we feel they could be the future of cybersecurity industry, provided they too choose to pursue a career in this field and choose to be on the side of white hats rather than black!

Reuben Paul: Ethical hacker and a CEO of Prudent Games 

Reuben, Paul, is a nine year old boy who is just a third grader and studies in Harmony School of Science located in Austin, Texas.

At the age of nine, most of the kids would be busy playing with their toy cars or may be involved in playing some video games. However, Reuben has already established himself as an ethical hacker.

Last year during a B-Sides security conference, Reuben took to the stage to promote safer smartphone security. He demonstrated how within a matter of few minutes hackers can easily steal all the important data from your Android smartphone including contact details, call logs and messages.

During his speech, Reuben emphasized the importance of being careful whenever one downloads the apps on their device. He also showed that the seemingly safe software tool can be potentially dangerous if it has been infected with malware and it can help cybercrooks to snoop on the user’s location and also get access to sensitive data.

While speaking to Fox News, Reuben had said: “If a child can do it, then a regular hacker can do it… so I just want everybody to be aware [and to] be more careful when you download games and stuff like that.” 

iDigitalTimes quotes: “9 Year Old Reuben, Paul is kid by day and cyber security researcher by night, hoping to make the world a safer place, one app at a time.” Reuben is also CEO of Prudent Games at this young age. Prudent Games basically designs educational apps that teaches people about the security threats.

Betsy Davies: Hacked public Wi-Fi network in less than 11 minutes

Betsy Davies, a seven year old British girl was able to hack the public Wi-Fi network following a short video tutorial.

Earlier this year, when a seven year old primary kid showed the danger of public WI-Fi hotspots, it caused a storm in the world of cybersecurity industry.

VPN Provider ‘Hide My Ass’ carried out an experiment as a part of public awareness campaign to show how easy it is to break into the public network.

Under the guided experiment carried out by Channel 5 News and Virtual Private Network (VPN) provider Hidemyass.com, Betsy was provided with a laptop, a short online tutorial and a volunteering member who was willing to be hacked in an environment which resembled to that which is found in almost 270,000 public hotspots in United Kingdom.

Surprisingly, Betsy was able to hack the open Wi-Fi and steal the traffic of the volunteer in just 10 minutes and 54 seconds. Betsy managed this by setting up a Rogue Access Point, which is normally used by hackers to carry out the “Man in the Middle” (MiTM) attack on the overly trusting web surfers to sniff web traffic.

Kristoffer Von Hassel: Exposed the Xbox password flaw at the age of 5 

Kristoffer Von Hassel, a five year old boy exposed the Xbox password flaw for which he has been officially added to the list of Microsoft’s recognized security researchers.

We can expect a five year old kid to play the Microsoft Xbox Game as well as know the operating system. However, just imagine if a five year kid starts finding a security vulnerability in the system? It just seems impossible; however, little Kristoffer Von Hassel discovered a back door into one of the most popular gaming systems and that is the Xbox Game.

Last year, Kristoffer Von Hassel was in the spotlight for this achievement.

We had reported that this five year old did not steal passwords. Instead, when he entered a password in his dad’s Xbox gaming system for the first time it went wrong and he was directed to a password verification screen where he used to just tap the space bar a few times and then press enter and surprisingly he was able to enter into the Xbox Live account of his dad.

The young kid was able to play games in which he was not supposed to play on the Xbox Game and in addition he was even able to access the YouTube.

Kristoffer’s parents discovered this and were completely surprised. His dad, Robert Davies, a security engineer at San Diego-based ServiceNow, an enterprise IT cloud services company, then reported the flaw to Microsoft.

Microsoft instantly fixed the bug and also rewarded Kristoffer with $50, four games and in addition also gave him a year-long subscription to Xbox Live from Microsoft.

Microsoft has included Kristoffer’s name in the list of recognized security researchers and Kristoffer now has his own Wikipedia page.

Some people feel that a young kid, a mere 5 years old, cannot do all this alone. However, Davies says that Kristoffer had already mastered a number of other tech skills. Davies recalls that at the age of one, Kristoffer has been able to bypass the toddler lock screen on a smartphone just by holding down the home key!

Unnamed Canadian: At the age of 12, this boy was able to attack government websites and cause them lot of damage

Way back in 2012, an unnamed Canadian who has been then just 12 years old and a fifth grader launched a series of Denial-of-Service (DoS), spoofing and even defacement attacks against the Canadian government websites in support of the Quebec student protests. It seems the young protester even passed the data which was stolen from the government websites to the Anonymous group in exchange for video games.

The young hacker was from Montreal and also pleaded guilty for being responsible for the shutdown of a number of government sites, including the Quebec Institute of Public Health and the Chilean government.

It seems due to the attack some government sites had to be closed for as long as long two days.

According to the local authorities, the child had been hacking since the age of nine and has already caused a damage of about $60,000 to the government.

Definitely, this kid might pursue a career in the cybersecurity industry, however, would it be under the black hats or white hats, is a big question.

CyFi: Exposed the zero day flaw in games on iOS and Android devices 

In January 2011, a 10 year old security researcher, who goes by the pseudonym ‘CyFi’, was in news for exposing a zero day exploit in games on iOS and Android devices.

This young Californian school girl first discovered the flaw when “she started to get bored” with the pace of farm style games.

The first DefCon Kids at DefCon 19 was held in August 2011, where CyFi presented her findings on the zero day flaw in the games on the iOS and Android devices which was confirmed to be of a new class of vulnerability by experts.

While speaking to CNET, CyFi said:”It was hard to make progress in the game, because it took so long for things to grow. So I thought, ‘Why don’t I just change the time?'”

Most of the game in which CyFi discovered the flaw have time dependent factors. For instance, in the case of farm style games, planting corn might take 10 real-time hours to mature in the game. However, manually advancing the phone or tablet’s clock forced the game further ahead than it really was, opening up the exploit.

CyFi further also added that many games have check points which detect and block this manipulation, but it seems there are still ways around to jump these check points. CyFi also mentions the ways which can help, such as disconnecting the phone from WI-Fi and making additional adjustments in the clock.

CyFi's real identity is being protected. She was already a Girl Scout and a state ranked downhill skier. In addition, the little girl was already an artist who gave a spontaneous 10 minute speech in front of a thousand people at the San Francisco Museum of Modern Art.

#69 “seL4” is an Unhackable Kernel for Keeping All Computers Safe From Cyber Attack

Today, the threat of cyber attacks isn’t just limited to computers and smartphones. With the ever-increasing intrusion of computers and electronics in our lives, ranging from our home automation system for cars, everything has become a hacker target.

This could also create problems in the battlefield where any software plays an important role in military and intelligence systems. Recently, in a DARPA drill, hackers were given the complete access to the computer of a Boeing Little Bird helicopter – but they were unable to disrupt the critical systems of the helicopter. How did this happen? Well, the computer in the helicopter was using a new operating system, based on an unhackable kernel.

The kernel is the heart of any computer’s operating system and if hackers can access it, they can do some irreparable damages to your system. Here, I’m talking about a very dangerous situation where security of power station systems, heart pacemakers, vehicles, weapons etc. could be compromised. The Australian national research agency Data61 has developed an unhackable kernel named seL4 – and proved this mathematically.

Gernot Heiser from Data61 writes, “My hope is that in 10 years’ time, anything that is security critical is running on our system or some other one built on the principles we’ve established.”

The seL4 unhackable kernel comes with some very secure characteristics. It can only do what it’s designed to do and its code is unalterable without permission. Along the similar lines, its memory and data can’t be read without permission. Another interesting fact: An earlier version of seL4, known as OKL4, could be found in millions of smartphones.

The seL4 unhackable kernel works this way by isolating the data and the kernel. This could also be used to run two operating systems simultaneously to stop the hacking.

The seL4 unhackable kernel could also be used in multiple situations like medical equipment, manufacturing plants, automobiles, satellites and more.

Watch the video below to know about the basics of a kernel:

Stay tuned for more updates from PowerTech & Powertechmation
and share your views.

#34 How to Become a Free Software Hacker

Writing and using Free software is not just a type of programming, it is a kind of philosophy. While knowing a programming language is all you need to program, this post is about how to join the community, get friends, do great work together, and become a respected specialist with a profile you cannot get anywhere else. In the world of Free software you may rather easily get tasks that in a company only the elite, top level programmers are allowed to do. Think about the amount of experience this can bring. However, if you once decided to become a Free software hacker, you must be ready to invest some time into achieving this goal. This remains true even if you are an IT student already. Also, this post is not about how to become a cracker.

Steps 

Step 1:

Get a good Unix distribution. GNU/Linux is one of the most popular for hacking, but GNU Hurd, BSD, Solaris and (to some extent) Mac OS X is often used.

Step 2:

Learn how to use Command Line. You can do much more with Unix like operating systems if you use command line.

Step 3:

Learn some popular programming language until you reach a more or less satisfactory level. Without this, you cannot contribute code (the most important part of any software project) to the free software community. Some sources suggest to begin at once with two languages: one system language (C, Java or similar) and one scripting language (Python, Ruby, Perl or similar).

Step 4:

To be more productive, learn Eclipse or some other similar integrated development tool.

Step 5:

Learn and use advanced editor like VI or Emacs. They have a higher learning curve but you can do much more with them.

Step 6:

Learn version control. Version control is the likely most important co-operation tool for shared software development. Understand how to create and apply patches (text difference files). Most Free software development in the community is creating, discussing and applying various patches.

Step 7:

Find a suitable small Free software project, which you could easily join to get experience. Most of such projects now can be found on SourceForge.net. The suitable project must:

• Use the programming language you know.

• Be active, with recent releases.

• Already have three to five developers.

• Use version control.

• Have some part you think you can immediately start implementing without modifying the existing code too much.

• Apart from the code, a good project also has active discussion lists, bug reports, receives and implements requests for enhancement and shows other similar activities.

Step 8: 

Contact the administrator of the selected project. In a small project with few developers your help will usually be immediately accepted.

Step 9:

Carefully read the rules of the project and more or less follow them. The rules of the coding style or necessity to document your changes in a separate text file may first appear ridiculous to you. However the purpose of these rules is to make the shared work possible - and the most projects do have them.

Step 10:

Work on this project for several months. Listen carefully that the administrator and other project members say. Apart programming, you have a lot of things to learn. But if you really do not like something, just go away to another project.

Step 11:

Do not stick with the underground project for too long. As soon as you find yourself successfully working in that team, it is time to look for the serious one.

Step 12:

Find a serious, high level Free software or Open source project. Most such projects are owned by GNU or Apache organizations.

Step 13:

As we are doing a serious jump now, be ready for the far cooler acceptance. You will likely be asked to work for some time without direct write access to the code repository. The previous underground project should, however, have taught you a lot - so after several months of the productive contribution you can try to demand rights you think you should have.

Step 14:

Take and do a serious task. It is time. Do not be afraid. Go on even after you discover that the task is lots more difficult than you initially thought - in this step it is important not to give up.

Step 15:

If you can, apply to your serious task to the Google's "Summer of Code" to get some money from this adventure. But just do not care if the application is not accepted as they have far less funded positions than really good hackers.

Step 16:

Look for a suitable conference happening nearby ("Linux days" or something similar) and try to present your project there (all projects, not just the part you are programming). After you, tell you are representing a serious Free / Open source project, the organizers frequently release you from the conference fee (if they do not, the conference is likely unsuitable anyway). Bring your Linux laptop (if you have one) and run demos. Ask the project administrator for the material you may use when preparing your talk or poster.

Step 17:

Search the web for an announcement about the install party happening nearby and try to join it first time as a user (watch for all problems and how hackers solve them) and next time as an installer.

Step 18:

Complete the task, cover with automatic tests and contribute to the project. You are done! To be sure, try to meet some hackers of the project physically and have a glass of beer.

Step 19:

Step 20:

For better understanding, look into real example of the development history for a Free Software project (above). Each raising curve represents a contribution (lines of code) from a single developer. Developers tend to become less active over the years, but the project frequently even accelerates as new people join. Hence, if you already come with some useful skills, there are no reasons why the team would not invite you.

Tips

• Before asking any question about the working rules inside the project, try to search for the answer in the project documentation and mailing list archives.

• Always continue the hacking you started. Does not build, does not run, crashes? There are reasons for everything and if you have source code this usually means that you can force the system to do whatever you want, especially with the help of the web search. This rule has its limits, but, indeed, never yield easily.

• Only say you are a hacker after some true hacker community recognizes you as such.

• From the beginning, select a class, module or some other unit under which nobody is very actively working at the moment. Working together on the same class or even function needs more skills and a lot of care from all sides.

• The employers of some hackers seem motivated enough to allow contributions during their working time (usually because the institution uses the Free/Open source program that the hacker is developing). Think, maybe you can get at least part of the needed time this way.

• If you still do not trust yourself enough, start from some part of code that you think is missing and can be written from scratch. Changes in existing code are much more likely to attract criticism.

Warnings

• In the informal meeting like beer event of the project to that you have never contributed any code you will have the unpleasant feeling of being highly ignored. Do not worry, some hackers are great friends later, after you earn respect with your code.

• In the cooperative world of Free software you code and in rare cases even all projects of your group may be unexpectedly replaced by some other contribution. Examples of large scale overwrites could be the now forgotten Harmony or more recent history of GNU Classpath, for instance. Mature hackers say "welcome" and take benefits of the new code becoming available - there is just no better way to react. This, however, does not come naturally and must be learned. See an example of such an attitude.

• Already very successful projects may have written or unwritten policies never return anything back to your work (no money, no possibility to self - promote, no elevated status regardless of the contribution, etc. - see Wikipedia). If you do not accept this well, stick with more mid range projects that cannot afford such attitude.

• Do not start from small code optimizations, extra comments, coding style improvements and other similar "small-scale" stuff. It may attract far more criticism than any serious contribution. Instead, collect these into a single 'cleanup' patch.

• Your hacker status in the project community reflects your present more than your past. In particular, if you want a recommendation from the project leader or anything they like, ask till you are still actively contributing.

• Avoid asking any question related to the fundamentals of programming or programming tools. A Free software programmer's time is valuable. Instead, discuss the basics of programming in communities for amateur or new programmers.

• While the word "hacker" sounds with respect in the most of the academic environments, for some uninformed people it may associate with breaking into security systems and other computer-related crimes that a different social group (crackers) do. Unless you are ready to explain, look to whom are you saying this word. Real hackers as they are meant in this article never join programming activities that seem for them illegal. First, they are proud of following the hacker ethic. Second, the law violations are not necessarily better paid.

• If you plan to meet Free software hacker's eye to eye, always leave your Windows laptop at home. Mac OS is tolerated somewhat better, but also not welcome. If you do bring your laptop, it must run Linux or other operating system that they consider as "Free software".

• For the same reason, never expect an older hacker to write a detailed description of your task or even provide any kind of supervision for you. While open source projects may have a lot of strict rules, they usually work along the lines of what is known as extreme programming in the programming methodology.

• If your mail client supports HTML messages, turn this feature off. Never attach documents that only proprietary software (like MS Word) can open properly. Hackers understand this as insulting.

• Do not volunteer to the company-owned projects that are not releasing any parts of their code under approved Open Source license. In such cases the really important parts of the project are likely to stay behind the closed doors of the owner, preventing you from learning anything useful.

• Do not begin from starting your own project, unless you want to stick in a proud loneliness for ever. For the same reason, do not start from the attempt to revive the abandoned project, which has already lost its previous team (see why).

• Big Free software projects, especially around GNU domain, do not treat your job as your personal matter. After you get or change the job in a software - related companies, they ask your employer to sign certain agreements that these may or may not sign. This can force to select the project with looser requirements.

Things You'll Need

• Linux. Many Free software projects are either more complicated to build under Windows or do not build properly at all. This is especially true for the advanced projects, devoted to the programming of mobile phones, USB keys and other amazing devices.

• A computer with relatively good Internet connection. If you want to keep the dual boot with Windows, a second hard drive or partition for Linux would be a good solution.

• Basic knowledge of at least one programming language and a strong intention to learn more. The most popular languages currently seem to be C and Java.

• A considerable amount of time, at least 5 hours a week (a typical hardcore hacker contributes as many as 14).

• While the formal education in informatics would make your way lot easier, you do not need it as a mandatory condition and no any real hacker community will ever ask you. Hackers judge about each other by one's hacking, not bogus criteria such as degrees, age, race, or position. However, at least 60 % of hackers that watch you patches do have the "right" university degree and will not allow you to do any nonsense in the project.

• During the last steps (conference and install party) you would benefit from your own laptop. However, it is not good for working at home, so only buy it if you can afford the second machine.

• The described path of becoming a hacker needs at least about two years to be completed.

#30 How to Hack

Hello,
Friend's today I am going to show you some step how to hack a computer device and network or server.
Remember these steps before you enter this field.
Keep learning

Primarily, hacking was used in the "good old days" for learning information about systems and IT in general. In recent years, thanks to a few villain actors, hacking has taken on dark connotations. Conversely, many corporations employ hackers to test the strengths and weaknesses of their own systems. These hackers know when to stop, and the positive trust they build earns them a large salary.

Part 1: Before You Hack

Step 1:

Learn a programming language. You shouldn't limit yourself to any particular language, but there are a few guidelines.

•  C is the language the Unix was built with. It (along with assembly language) teaches something that's very important in hacking: how memory works.

 

•  Python or Ruby is high-level, powerful scripting languages that can be used to automate various tasks.

• Perl is a reasonable choice in this field as well, while PHP is worth learning because the majority of web applications use PHP. 

 

• Bash scripting is a must. That is how to easily manipulate Unix/Linux systems—writing scripts, which will do most of the job for you.

 

• Assembly language is a must-know. It is the basic language that your processor understands, and there are multiple variations of it. As the end of the day, all programs are eventually interpreted as an assembly. You can't truly exploit a program if you don't know assembly.

 

 

 

Step 2:

 

Know your target. The process of gathering information about your target is known as enumeration. The more you know in advance, the fewer surprises you'll have.

 

 

 

Part 2: Hacking

 

Step 1:

Use a *nix terminal for commands. Cygwin will help emulate a *nix for Windows users. Nmap in particular uses WinPCap to run on Windows and does not require Cygwin. However, Nmap works poorly on Windows systems due to a lack of raw sockets. You should also consider using Linux or BSD, which are both more flexible. Most Linux distributions come with many useful tools pre-installed. 

Step 2:

Secure your machine first. Make sure you've fully understood all common techniques to protect yourself. Start with the basics — but make sure you have authorization to attack your target: either attack your own network, ask for written permission, or set up your own laboratory with virtual machines. Attacking a system, no matter its content, is illegal and WILL get you in trouble. 

Step 3:

Test the target. Can you reach the remote system? While you can use the ping utility (which is included with most operating systems) to see if the target is active, you cannot always trust the results — it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators. 

Step 4: 

 

Determine the operating system (OS). Run a scan of the ports, and try pOf, or nmap to run a port scan. This will show you the ports that are open on the machine, the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action. You can activate OS detection in nmap by using the -O switch. 

 

 

 

Step 5:

 

Find a path or open port in the system. Common ports such as FTP (21) and HTTP (80) are often well protected, and possibly only vulnerable to exploits yet to be discovered.

 

• Try other TCP and UDP ports that may have been forgotten, such as Telnet and various UDP ports left open for LAN gaming.

 

• An open port 22 is usually evidence of an SSH (secure shell) service running on the target, which can sometimes be brute forced. 

 

 

 

Step 6:

 

Crack the password or authentication process. There are several methods for cracking a password, including brute force. Using brute force on a password is an effort to try every possible password contained within a pre-defined dictionary of brute force software.

 

• Users are often discouraged from using weak passwords, so brute force may take a lot of time. However, there have been major improvements in brute-force techniques. 

 

• Most hashing algorithms are weak, and you can significantly improve the cracking speed by exploiting these weaknesses (like you can cut the MD5 algorithm in 1/4, which will give a huge speed boost). 

 

• Newer techniques use the graphics card as another processor — and it's thousands of times faster. 

 

• You may try using Rainbow Tables for the fastest password cracking. Notice that password cracking is a good technique only if you already have the hash of the password.  

 

• Trying every possible password while logging to remote machine is not a good idea, as it's easily detected by intrusion detection systems, pollutes system logs, and may take years to complete.

 

• You can also get a rooted tablet, install a TCP scan, and get a signal upload it to the secure site. Then the IP address will open, causing the password to appear on your proxy.

 

• It's often much easier to find another way into a system than cracking the password.

Step 7:

 

Get super-user privileges. Try to get root privileges if targeting a *nix machine, or administrator privileges if taking on Windows systems. 

 

• Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer, you need super-user privileges - a user account that is given the same privileges as the "root" user in Linux and BSD operating systems.

 

• For routers this is the "admin" account by default (unless it has been changed); for Windows, this is the Administrator account.

 

• Gaining access to a connection doesn't mean you can access everything. Only a super user, the administrator account, or the root account can do this.

 

 

 

Step 8:

 

Use various tricks. Often, to gain super-user status you have to use tactics such as creating a buffer overflow, which causes the memory to dump and that allows you to inject a code or perform a task at a higher level than you're normally authorized. 

 

• In unix-like systems this will happen if the bugged software has setuid bit set, so the program will be executed as a different user (super-user for example).

 

• Only by writing or finding an insecure program that you can execute on their machine will allow you to do this.

 

 

 

Step 9:

 

Create a backdoor. Once you have gained full control over a machine, it's a good idea to make sure you can come back again. This can be done by backdooring an important system service, such as the SSH server. However, your backdoor may be removed during the next system upgrade. A really experienced hacker would backdoor the compiler itself, so every compiled software would be a potential way to come back. 

 

 

 

Step 10:

 

Cover your tracks. Don't let the administrator know that the system is compromised. Don't change the website (if any), and don't create more files than you really need. Do not create any additional users. Act as quickly as possible. If you patched a server like SSHD, make sure it has your secret password hard-coded. If someone tries to log-in with this password, the server should let them in, but shouldn't contain any crucial information. 

 

 

 

Tips

• Unless you're an expert or a professional hacker, using these tactics on a popular corporate or government computer is asking for trouble. Keep in mind there are people a bit more knowledgeable than you who protect these systems for a living. Once found, they sometimes monitor intruders to let them incriminate themselves first before legal action is taken. This means you might think you have free access after hacking into a system, when in fact, you're being watched, and may be stopped at any moment.

 

• Hackers are those who built the internet, made Linux, and work on open source software. It's advisable to look into hacking as it's quite respected, and requires a lot of professional knowledge to do anything serious in real environments.

 

• Keep in mind, if your target is not doing their best to keep you out, you won't ever become good. Of course, don't get cocky, don't think about yourself as the best of the best. Make this your goal: you must become better and better. Every day that you didn't learn something new is a wasted day. You are all that counts. Become best, at any cost. There are no half-ways, you must give fully of yourself. As Yoda would say, "Do or do not. There is no try."

 

•  Although it's great that there are many legal, safe training grounds available for anyone, the sad truth is that you won't become even mediocre if you don't perform potentially illegal actions. You can't become anyone if you won't find real problems on real systems, with the real risk of getting caught. Keep that in mind.

 

• Remember, hacking is not about breaking into computers, getting a well paid job, selling exploits on the black market, nor helping anyone compromise secure machines. You're not here to help the admin do his job. You're here to become the best.

 

• Read books discussing TCP/IP networking.

 

• There is a major difference between a hacker and a cracker. A cracker is motivated by malicious (namely: money) reasons, while hackers attempt to retrieve information and gain knowledge through exploration - ("bypassing security"), at any cost and in any way which may not always be legal.

 

 

 

Warnings

• Misusing this information may be a local and/or federal criminal act (crime). This article is intended to be informational and should only be used for ethical - and not illegal - purposes.

 

• Hacking into someone else's system may be illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack or you are sure it's worth it and you won't get caught.

 

• Never do anything just for fun. Remember, it's not a game to hack into a network, but a power to change the world. Don't waste that on childish actions.

 

•  Be extremely careful if you think you have found a very easy crack or a crude mistake in security management. A security professional protecting that system may be trying to trick you or setting up a honeypot.

 

• Don't delete entire log files, instead, just remove only the incriminating entries from the file. The other question is, is there a backup log file? What if they just look for differences and find the exact things you erased? Always think about your actions. The best thing is to delete random lines of log, including yours.

 

•  Although you may have heard the opposite, don't help anyone patch their programs or systems. This is considered extremely lame and leads to being banned from most hacking communities. And if you would release a private exploit someone found, this person may become your enemy — and this person is probably better than you are.

 

• Be careful what you hack. You never know if it has any thing to do with the government.

 

• If you aren't confident with your skills, avoid from breaking into corporate, government, or military networks. Even if they have weak security, they could have a lot of money to trace and bust you. If you do find a hole in such network, it's best to hand it to more experienced hacker that you trust who can put these systems to good use.