Moral issues with helping people on the R-E fora.

[Acidictadpole]

I've been reading these fora for a while now, I don't usually post because I know others who know better and more than I do come around within at least 5 minutes after I see the post and provide one of two answers. The first of which is the actual answer to the question posed, but other times it's along the lines of "Sod off, we know what you're trying to do and we'll refuse to help you".

Taking a step back there's an obvious reason for this. Nobody wants to help someone else do something illegal. And that's very respectable, those who are in this profession (security) for defensive purposes usually know what they're doing and can weed out those who aren't in this profession and are just trying to get back at some boyfriend or girlfriend for breaking up with them or something stupid like that.

Apart from the obvious "cn u halp me crak my neighbors routr lol" at what point will most of you shut the thread down in your eyes and say "No, you're going to be doing something illegal and for that we refuse to help"? I know for a lot of people it'll be a grey area, for myself when I help people on the fora I try to convey knowledge of concepts rather than actual steps in the process. It's how I like to learn and prefer to learn in many cases (sometimes I need an additional nudge in the direction of a program that may already be written to help with something).

So would a good screening test be something along the lines of "You're just trying to figure out the method rather than the concept, so you're not in it for the knowledge but rather the one time use attack on your neighbor"? Because even that has its flaws with regards to whether the person has a legitimate use of the knowledge, even the steps and commands without the idea behind them. Someone could be concerned about their home wireless network and may just want to run their own home test, that's not illegal. But us viewing him with no background experience will trigger something for us that flashes warning lights not to help him.

Many a person has been turned away from getting help, do we like doing this if we can? I've often considered posting to one of those semi-obvious threads with a conceptual idea of what the poster was asking, without directly giving them the means to commit anything illegal. If they ask about intercepting messages on a network post back with the concept of MITM or arp-spoofing without naming applications or methods of doing so if the legality of the act is in question.

There's no real question posed in this thread I'm just curious what others think. Or maybe you have some insight on when you turn people away, or that kind of stuff.

[mfBaranian]

I don't think that a lot of people on this forum has energy to do that. This is more of a social theme (in a forum full of exact science worshipers) and "converging people to another faith" is very hard work often unsatisfying. Some here have methods that do just that and are: less time and effort consuming, more direct and proven effective. KMDave has the best approach IMHO. He often helps you to help yourself and the process alone will select the believers (who will dig down) from nonbelievers (who will think it's too much hassle).

[KMDave]

I can only speak for myself here:

I am usually really patient and I also don't mind to help people and try to give them some guidance along their way but they have to show that they are capable of understanding and learning what they were asking for and not just get spoonfed the answer and have no clue why it's working.

As for the moral stuff, I am in general more suspicious especially to people who just joined. Some people joined the forum after being around in IRC for quite some time so that makes a difference sometimes (i.e. SuspectZero).

Since people are more or less anonymous on here and noone can verify a story I say to myself in dubio contra reo. Being around for some time and reading a lot of threads it is also some experience on how most of the illegal threads start. If people contradict themself it is also an indicator for me that they have something illegal in mind as well as people refusing to or trying to avoid certain questions and maybe even getting rude and insult people.

I'd guess that around 90% of the people doing illegal stuff or trying to who are on here are looking for the easy kill.
If people are curious about it they usually don't ask how say SpoonWEP works or even ask basic Linux questions.
I know that sometimes people draw a blank and that noone can know everything, but it is also always a matter of how much effort puts into researching at first and how the question is formulated and how one reacts to the answers.

Hope that is something you were looking for as a reply.

[Acidictadpole]

Nice replies

I didn't have a specific kind of reply in mind when I created the topic. I just noticed that some people have a tendency to jump to conclusions about illegal acts, and jumping into a thread with that position already somewhat fortified by a few posters tends to push me away from posting any help or comments I may have.

In short I've come to the conclusion that the opinions of people who are first to post in a thread usually have the ability to turn off any additional help for what could turn out to be a really confused but interested person doing something legal. If it has been established in the thread that someone is up to no-good, I'd feel weird offering up any sort of help this person would be after. In this case I generally try to do what you're doing, which is provide conceptual help about the topic rather than straight up commands. However that's not always possible, is it better to just not reply at all in that case? Is it better to reply and state that I believe they're not going to use this information for legal purposes and should stop trying.

You refer to the people here as believers, I am not pointing fingers but even the people who use this for good purposes can also use this for bad. Just because someone passes your believer test doesn't mean they aren't up to no good still, but just seem more interested than a casual passerby. At what point can you absolve yourself of aiding someone with an illegal act in mind? In some cases, some people can be pointed in the right direction and get help further down the line and still commit their crime.

[KMDave]

I am not saying that I can trust anyone but myself. But you know there is still a difference. While some people are just stupidly more or less admiting to commit a crime, there are also people who seem to look for knowledge not to be a l33t h4x0r to show off.

If it is obvious that someone is well doing something illegal I surely won't help him. That's why even if I am doubting that what a person is doing is legal I refuse to help most of the times.
Of course other people also might do something illegal but they are not well saying it.

But that also just goes for me and how I answer or not.

Sometimes I might seem to be too rough or unfriendly but some people deserve nothing different. And yes I can misjudge or interpret something but either it get straightened out and I have no problem admiting that I made a mistake if I did.

But as I said a lot of people just look to pwn their neighbors or alike and they don't even try to hide on what they are planning to do.

[Barry]

I think it just comes down to past experience. A lot of the regulars have been around the block a few times when it comes to sniffing out shady posters. I think I lurked this forum for about a year before actually signing up for an account. I've been reading and replying to "how do I hack my neighbors wep" for years. I can probably speak for those of us that have migrated over from the Netstumbler forums, that we've probably seen it all. As for moral issues, I don't see the problem with helping someone out, as long as they pass our first impression of them. If they then later get arrested for hacking the Gibson, or some other dumb ass thing, well, that kinda sucks. Not a lot we can do about it. It's not like they are killing someone with what we teach them. That's a whole different can of worms that some of us have had to deal with.

[Mr. Flibble]

I have been lurking on this forum for months, and only registered recently. From what I have seen of the wireless posts, most of them are from skiddies trying to get free wifi or get revenge or something similar.

Generally, what triggers that sort of post for me is one that is well thought out with proper spelling and grammar is probably by someone at least old enough to be professional about what they are doing. My guess is that 99% of the people posting on this forum HAVE done something illegal according to the wireless laws in their home country.

Realistically, there is no way for me to judge if someone is actually doing something illegal or legal. They can frame their post in any manner that they want on these forums and make it appear from their intent to go either way.

As to the issue of turning away people looking for help, I don't have a problem with this... But allow me to explain my position on that. I am willing to help a poster that is genuinely interested in LEARNING something, is willing to admit that they don't know something, and is willing to admit that they are doing their best to learn either via googling or searching the forums. Recently, a noob posted his first question on the forums (his first ever post) which had a really simple answer. I responded, and got a PM from him where he apologized for asking what was a dumb question. I responded with a long PM saying how he was not dumb, but gave him some advice on how to use the forum, and how to ask questions in relation to a Linux forum. I told him what would get him the answers he wanted, and what would cause posters to ignore his posts.

I then explained how in 1997 I was in exactly his shoes when I first started using Linux, and how I made exactly some of the same posting mistakes. I am more than willing to help anyone who is honest and tries hard. But anyone that is not smart enough to at least format their post to camouflage the fact that they are trying to break their neighbors WiFi, or be respectful about it gets no help from me.

So, it is simple in my eyes. New posters should - read all the stickies, use google, search the forum, and then state that they have done the above and *NOT* found the answer before posting. Additionally, more to your point they should at least format their post to a degree so we can't tell if they are doing something legal or not. Obviously, coaching their posts with something like "I set my router up with WEP and now I am attacking it" goes a long way. I have no other means of judging their honesty.

(As an aside I just had one of my users here at work ask me a question - consuming 15 min of my time and they *REFUSED* to google it, instead asking ME to do so... *sigh*)

The final point is that Backtrack (from what I have read by lurking) is generally intended for experience Linux users who have a need for a penetration testing specific distribution. Most of the first time posters seem either brand new to Linux or out to do harm because they are '31337'. I find that this raises the level of noise on these forums when I have been here as this place is a great resource for the work that I do.

I have no problem with turning away people if they won't respect me as a person, and refuse to at least put in a little effort. I at least get paid to answer google style questions at work. Here, on these forums I don't get paid to do that. I am helping out of my own free time, so if the new posters put in an effort, then I will put in an effort as well. If they don't put in an effort, why should I spend more of my own personal time helping them solve a problem than they themselves have put into it?

People new to backtrack or Linux are fine, people doing stuff that is legally questionable is something that they should at least be smart enough to hide so that they APPEAR to be doing legal stuff, so I at least feel better about answering their questions.

[Archangel-Amael]

I think it just comes down to past experience. A lot of the regulars have been around the block a few times when it comes to sniffing out shady posters.

Having spent a huge amount of time here like Barry pointed out is one of the things that can help spot the fake posts. I lurked here for about a year as well before signing up. I have noticed that with the release of each new version of BT there is an influx of the same types of questions over and over again.
This goes to show that people hear from somewhere how easy it is to crack da wep. Then they think that this is hacking. This just also shows that they have no real interest in searching for the answers, thus learning anything. There is always this trend of "testing my routers wep". Everyone knows that wep is insecure as such there is no need to test it. You will also see a trend with new posters asking about one thing (how to get their card to work), then the next thing you know they are asking how to do a hdd install. But the question on the card is still not solved. So why move on? Those people again show that they have no focus and as such are looking for any easy route (for a good example see the spoonwep threads as KMDave mentioned).

Having spent ten years in the Army I always hated when some one (generally with a bit of rank) would call a junior an idiot or whatnot, I always thought "hey what if this guy saves your life one day?" As such I always try to give people the benefit of doubt. I have seen thousand upon thousands of examples of "social engineering". I think any one that has been in the service and had to do some kp or whatever knows the types of excuses that can be had, and how to spot them. Not to mention I have read lots of the threads by some of those senior here to me Barry, streaker, and pureh@te to name a few. Those are the masters at spotting a fake (imho).

[Mr. Flibble]

If they then later get arrested for hacking the Gibson...

Dude, *NO ONE* can hack a Gibson!

[hhmatt]

Bottom line these forums are here for BackTrack support. The people that come here asking "How do I crack my WEP?" is not only rude but it also shows that they have taken no effort whatsoever to answer their own question. The answers are already there, Google. If they took the time to read the tutorials section also they would quickly find that the answer is conveniently posted in these forums also.

I personally don't mind all of the stupid questions if they are about something I haven't learned yet. Some people are just stupid and you can find some of them sent to the corner.

Like some of them already said, the senior members here have already seen almost all types of social engineering and can easily call BS on a lot of these posts and have very valid reasons why. The reason is, these forums are not a haven for illegal activity and we aren't criminals. Some of us are former/current police, government, and/or military personnel.

If you get the opportunity to have a good conversation with almost any of the senior members you will find that they are very good people. They are not people who are just waiting to find the latest moron to thrash.