Hacking: Legal and Ethical Problems

  • Thread starter Thread starter ISamson
  • Start date Start date
  • Tags Tags
    Hacking Law
Click For Summary

Discussion Overview

The discussion revolves around the legal and ethical implications of hacking, particularly in the context of personal experimentation and cybersecurity competitions. Participants share their experiences, concerns, and suggestions regarding safe practices in hacking and penetration testing, while exploring the boundaries of legality and ethics in these activities.

Discussion Character

  • Exploratory
  • Debate/contested
  • Technical explanation

Main Points Raised

  • One participant expresses a desire to understand potential legal infringements related to network scanning and the use of a Wi-Fi Pineapple device.
  • Another participant suggests creating an isolated network using Raspberry Pis and Windows machines for safe penetration testing.
  • Some participants caution that hacking without written permission is likely illegal.
  • There are discussions about the risks of connecting devices to the internet and the importance of maintaining a secure, isolated environment for experimentation.
  • Concerns are raised about the implications of hacking personal devices, such as phones, even with permission.
  • Participants share anecdotes and cautionary tales about past hacking incidents and their legal consequences.
  • Some suggest using public wargame servers for practice instead of personal devices.
  • There are inquiries about the feasibility of creating a local network without internet access and how to do so effectively.
  • Participants discuss the concept of a virtual network and the use of virtual machines for safe experimentation.

Areas of Agreement / Disagreement

Participants express a mix of caution and curiosity regarding hacking practices. While some agree on the need for isolation and permission, others explore different methods and tools, indicating that multiple competing views remain on the best practices for ethical hacking.

Contextual Notes

There are limitations in the discussion regarding the specifics of legal frameworks, the technical details of setting up networks, and the assumptions about participants' prior knowledge and resources.

Who May Find This Useful

This discussion may be useful for individuals interested in cybersecurity, ethical hacking, and those looking to understand the legal implications of their activities in technology and network security.

ISamson
Gold Member
Messages
435
Reaction score
150
On the weekend I have participated in a hacking and cybersecurity competition.
We were assigned some capture the flag challenges in teams and we had an awesome weekend of hacking!
My teammate and I have won the high school division and as a prize we get a Wi-fi Pineapple Nano Basic. This is a cool wireless hacking module. I also want to continue with my interests in technology and cybersecurity.
However, as I do not know much about Governmental Laws, I would like to know how I could infringe with the Law in any possible way with network and port scans, the Pineapple module, any connections to open ports and so on. Does anybody know any possibilities of law infringement? Precautions?
Thank you.
 
Technology news on Phys.org
Make your own off net network sandbox with a few raspberry pis and windows machines and explore your penetration testing there.

Once you start playing on the internet you run the risk of crossing a line and getting into big trouble.

Remember the famous case of Robert Morris who created the first internet worm. He wanted to see if he could make a self-replicating program to explore the size of the internet and unleashed it on the real network with disastrous results. He became famous, embarrassed his father, a noted security expert and now works at MIT as a tenured professor.

At the time he got 3 years probation and was fined $10K.

https://en.wikipedia.org/wiki/Robert_Tappan_Morris
 
  • Like
Likes   Reactions: Janosh89, QuantumQuest and ISamson
The simplest rule is to assume that you're breaking the law if you don't have written permission.
 
  • Like
Likes   Reactions: jedishrfu
jedishrfu said:
Make your own off net network sandbox with a few raspberry pis and windows machines and explore your penetration testing there.

I do not have raspis.
I don't think I know how to make my own network, unfortunately. However, yes, I was thinking about this, good idea, but I don't know how to make thw network and raspis are not my speciality.
What if I hack my own phone for example? I have my permission.
Thank you.
 
How to make an inner network?
 
ISamson said:
I do not have raspis.
I don't think I know how to make my own network, unfortunately. However, yes, I was thinking about this, good idea, but I don't know how to make thw network and raspis are not my speciality.
What if I hack my own phone for example? I have my permission.
Thank you.

Your phone has connections to the outside world. No wifi, no cellular, no connections to any network.

Creating a network isn't that hard. You just need connect your machines to your router and disconnect it from the internet. Gamers used to do this all the time for group play aka a LAN party.
 
jedishrfu said:
Creating a network isn't that hard. You just need connect your machines to your router and disconnect it from the internet.

Ok. Yep, I remember we did this with a multiplayer game. Would that waste mobile data?
 
Only if you use the cellular network to transfer data. Thats why folks try to connect to wifi whenever possible.

Caveat: Never connect to a public wifi unless you absolutely have to and you then take on the risk of not divulging private inof or cc card numbers...

Its too easy to do a man-in-the-middle attack or some other similar attack and read your transmissions.
 
  • #10
Does this have anything to do with web servers/servers?
 
  • #11
jedishrfu said:
You just need connect your machines to your router and disconnect it from the internet.
How can you do that?
How can you disconnect something from the internet and still wirelessly communicating between devices?
 
  • #12
Are we talking about VPNs?
 
  • #13
  • Like
Likes   Reactions: ISamson
  • #15
There are lots of sites on the internet that have public wargames servers. You could use one of those.
 
  • Like
Likes   Reactions: ISamson
  • #16
DavidSnider said:
There are lots of sites on the internet that have public wargames servers. You could use one of those.
Yes, but I wanted to experiment with my own things.
Thanks.
 
  • #17
ISamson said:
Yes, but I wanted to experiment with my own things.
Thanks.

The "offline" route is creating a virtual network and have the edges of the network have VMs with images of "damn insecure linux". They have prepackaged docker images that set up a pretty good out of the box lab for you.
 
  • Like
Likes   Reactions: ISamson
  • #18
Anyone know of Wi-fi Pineapple?
 
  • #19
ISamson said:
What if I hack my own phone for example? I have my permission.
What if I hack my phone? I have my permission...
@jedishrfu, I don't get your answer:
jedishrfu said:
Your phone has connections to the outside world. No wifi, no cellular, no connections to any network.
 
Last edited:
  • #20
Ask yourself "Do I want yo go to jail for hacking?" and then answer "NO!"

Solution: Don't connect to wifi, don't connect to cellular, don't connect to any system connected to the internet.

Consider your experiments like a contagious virus. You don't want to create a pandemic right?

https://en.wikipedia.org/wiki/Biosafety_level#Biosafety_level_4

So you must play in total isolation. Learn from your experiences and become a successful computer security expert. Anything beyond that will lead to prison.

Skilled hacker:
https://en.wikipedia.org/wiki/Hacker

Wannabe hacker:
https://en.wikipedia.org/wiki/Script_kiddie

Hacked hackers:
https://en.wikipedia.org/wiki/List_of_computer_criminals

Don't be these guys! Don't go to prison! Don't be Mr Robot! Watch Mr Robot instead.

https://en.wikipedia.org/wiki/Mr._Robot
 
  • Like
Likes   Reactions: ISamson, OCR and Borg
  • #21
jedishrfu said:
Don't be Mr Robot! Watch Mr Robot instead.

The prize for the competition I mentioned earlier, that I won, was seasons 1 & 2 of Mr Robot. But since it is an MA rated show, the organisers did not give it to us, because we are only in year 7 and thay did not expect such young people. Instead they will give us a Pineapple Nano Basic. :smile:
 
  • #22
ISamson said:
The prize for the competition I mentioned earlier, that I won, was seasons 1 & 2 of Mr Robot. But since it is an MA rated show, the organisers did not give it to us, because we are only in year 7 and thay did not expect such young people. Instead they will give us a Pineapple Nano Basic. :smile:

Oh well, it’s a pretty good show. It’s the most accurate portrayal of a hacker on tv to date.
 
  • Like
Likes   Reactions: ISamson
  • #23
jedishrfu said:
Your phone has connections to the outside world. No wifi, no cellular, no connections to any network.

Creating a network isn't that hard. You just need connect your machines to your router and disconnect it from the internet. Gamers used to do this all the time for group play aka a LAN party.

So, must I put the "Mobile hotspot" on without data, connect to it and that is it?
 
  • #24
jedishrfu said:
Creating a network isn't that hard.

I get it. Just connect all the devices as in the picture and disconnect from the big Earth icon...:smile:
home-solution-wifi-devices-network-184281306-57f795863df78c690f36336d.jpg
 

Attachments

  • home-solution-wifi-devices-network-184281306-57f795863df78c690f36336d.jpg
    home-solution-wifi-devices-network-184281306-57f795863df78c690f36336d.jpg
    35.8 KB · Views: 338
  • Like
Likes   Reactions: jedishrfu
  • #25
Yes that's a great setup.

The one limitation is that you have only one PC whereas I think you need a second to be the hacking master console.

How did you downsize the Earth?
 
  • #26
ISamson said:
Can this be done with streamed mobile data? We don't have a router and my mother streams her limited mobile data.
If you don't have a wifi router you have very little use for the wifi pineapple device.
 
  • #27
jedishrfu said:
The one limitation is that you have only one PC whereas I think you need a second to be the hacking master console.

To my disposal anytime I want I have a phone and a Mac Pro Pc. + another PC if I want to.
jedishrfu said:
How did you downsize the Earth?
I did not. What do you mean?
 
  • #28
It was a joke reference to a new Matt Damon movie called Downsizing where people get reduced to 5” tall and live in a community specially built for them and essentially saving money because they use less resources or something like that.

What I meant about the second pc is that you’d use it to do hack testing on all the devices in your picture as I thought that was your intent to make a legit hackers test setup. The second pc would allow you to do hacking penetration on the first pc as well as the other devices.
 
  • Like
Likes   Reactions: ISamson

Similar threads

AT&T 5G cellular home internet - first impressions
  • · Replies 5 ·
Replies
5
Views
6K
Is Moore's Law Still Relevant in the Age of Semiconductors and Robosourcing?
  • · Replies 23 ·
Replies
23
Views
3K
Undergrad What is the Horse and Cart Problem in Newton's Third Law?
  • · Replies 7 ·
Replies
7
Views
14K
Where do ethics come from and how do they shape society?
  • · Replies 12 ·
Replies
12
Views
4K
Graduate Problem understandinging laws of motion
  • · Replies 15 ·
Replies
15
Views
3K
Moral Observation Sentences: Can Ethics be Modeled on Science?
  • · Replies 17 ·
Replies
17
Views
7K
Guide with Forces, Motion, Newton's Laws & Momentum
  • · Replies 1 ·
Replies
1
Views
4K
What Resources Can Help Understand Newton's Laws for Solving Physics Problems?
  • · Replies 1 ·
Replies
1
Views
2K
Graduate BRS: PKI Cryptosystems for SA/Ms: A Tutorial
  • · Replies 13 ·
Replies
13
Views
4K
News Bush Honest & Trustworthy Until How Many Lies?
  • · Replies 65 ·
3
Replies
65
Views
12K