PR Hacks

From May 30, 1997 (http://web.archive.org/web/19970618002257/www.commadot.com/beta/html/archive.htm

The lost-world column stirred some emotions. So in all fairness, I will re-visit the idea of PR hacks.

Early in my internet career I knew some hackers. They broke into remote systems for fun or for agenda. Some of these hackers were immature and sexually deprived. Other hackers were politically saavy and left their social agenda on the table. There were also of course the segment that broke into systems for the challenge of defeating a security wall. The last deviant group, and a small minority, were the deviants; looking to wipe out data, leave viruses or possible to comit felonies without reprise.

All of these hackers were technically skilled in systems, security and programming. Very few of them had any artistic skill, but there were a few.

There is also another kind of hacker, which shows up in “inside jobs”. These men and women have physical access to the systems in question and get past the firewall using this access against the wishes of their superiors.

This brings us to hacks on the web, where substitute html and imagery is placed on a web server against the will of the server administrators. Some victims over the past 2 years have been: The Spot, CIA, The US Justice Department, The Well and of course, The Lost-World. These sites have claimed to be hacking victims against their will.

In all of these cases, the media has published stories of dangerous hackers getting into remote systems seemingly easily. The general response from the mass audience is varying degrees of discomfort in the knowledge that hackers can get into remote systems, possible our own server or desktop.

The main point that I wanted to make was the lack of sufficient research by the media to ascertain the source of the hack. Specifically, to see if the hack was indeed, a hoax.

There is almost no way to prove that any of the above-mentioned sites were hacked or hoaxed beyond a shdow of a doubt. One way to raise suspicion however is Motive. The CIA, Justice Dept, and the Well were maliciously hacked in ways that marred the reputation of the site in question. The well might have lost customers due to their security image being shaken. The CIA and Justice Dept, had pornography and political slurs plastered over their pages. Hardly what you would call positive public relations.

The Spot (last year) and the Lost World both claimed hacks that were reported in major publications, online and off. The only reaction to these “hacks” was a major increase in traffic to the website. The motive is not that off a hacker, but those of a PR agent. The lost-world site was replaced with the duck-world, including fully functional imagemaps and links.

Either this was an inside job, or the most benign good-natured, graphically skilled hackers in the world. Maybe these bizarro-hackers will beocme the digital equivalent of Robin Hood, hacking the rich and amusing the poor.

There is no way to prove these “hacks” are hacks or hoaxes. One can look at the created dates and the last modified dates of a file, but that can be faked. if is a case of, their word against no ones word.

My article was my way of calling a hoax, when seemingly no one else spoke up.

The Lost Sense of Journalism

From May 29, 1997 (http://web.archive.org/web/19970618002257/www.commadot.com/beta/html/archive.htm)

The lost-world was “hacked” yesterday. (May 28, 1997)

Someone replaced the opening image on the lost-world website yesterday. The new image transformed the scary dinosaur skeleton into a rubber duck. The caption: The duck-world. Beneath the caption was a very small tagline stating, hackers. Every detail of this replacement was perfect. The graphics were professionally designed. The imagemap was well designed and the rest of the site was untouched and worked perfectly.

The fact is, this was a publicity stunt and it’s pathetic.

The makers of lost-world.com thought it would be a great trick to put up a spoof on their own site and blame the big bad hackers. So they made a cutesy parody called the duck-world, and then proceeded to make the actual site. Real examples of hacking on the net include the CIA site turned into the Central Stupidity Agency, and the Justice Department site changed to display pornographic images. These are prime examples of hacking. A duck, perfectly designed, is not a hack; it’s a publicity stunt.

This is proven by the image and file details. Go to any image on the Web and right-click on it and save it to your hard drive. Then go to your file manager and look at the details of the image. There should be a last modified date on it. The date on the duck image was actually two days before the date on the actual dinosaur image that was supposed to be on the site. Pretty smart of the hackers to know what the site looked like before it was even created, eh?

The creators of the site then contacted CNN after the site was launched and said that their site was hacked. Oh NO! They gave CNN all the details. See Story. And CNN like a good reporter (or a paid one) posted the story at: 2:57 a.m. May 28, 1997.

This is very interesting considering that the file dates on the hacked sites were dated AFTER the story was posted. CNN wrote the story and had the hacked imagery BEFORE the site was changed.

Plain and simple, the creators of the lost-world.com tried to trick people into visiting the site to see the hack. And there was never a hack. It was a complete fabrication. A Lie. Garbage. Whether CNN knew it was a lie is unknown. But at the very least, they did not check the basic facts of the story at all. This is my biggest problem. The lack of common sense in the net media. Every story is eaten up with the barest fact checking. If CNN would have thought about this at all they would have realized that it was a PR stunt.

I just saw that news.com also picked up the story. Media Whores, selling themselves to a blue-chip site just for the publicty.

Does this bother you too?

Active Server Pages

Definition: A component of the Internet Information Server (IIS) 3.0 from Microsoft, which parses scripting languages on the server. The structure of the technology lets you create HTML pages which include scripts (right in the HTML which can talk freely to a database and other OLE resources easily and quickly.)

This technology is a milestone for web development. Scripting languages, although scoffed at by “serious” programmers for their simplicity, are actually a blessing for lowend developers who haven’t mastered C or Perl yet still want to develop powerful database driven Web sites.

Scripting languages like VBScript, JavaScript, REXX, Python and even PERL are supported by ASP. Although originally designed to work on the NT Server running IIS 3.0, ChilliSoft just released a version that runs on Unix. This development technique promises to boost interactivity throughout the web. Designers will no longer have to sacrifice design to the programmers or vice-versa.

Here is a list of ASP resources on the net for beginners with zero programming knowledge up the most advanced programmer.

Microsoft

Documentation on Active Web Pages

Using/Learning ASP

ASP 101 – A Database Interfacing Primer *Good step by step examples

ASP Resource Page

ASP FAQ

ASP Roadmap. ASP Documentation and examples

ASP Developer’s Site. Links to docs, tutorials, Faqs, Source Code, etc.

ASP Developer. Bitshop’s sponsored forum for ASP.

Cary & Gary’s Visual Basic Home Page. Active Server Pages Demo.