[rhaps0dy]

The whole story, or the 3x7r3m3 13375p34k 0f 7h3 5k1dd13?

[tptacek]

The whole story, the vibe of the story, the moral of the story, the use of the word "crack"; it comes off pungently as if written by a professional Unix systems administrator.

[bgwalter]

The moral of the story is not about cracking or getting arrested. It is a metaphor for the danger of taking shortcuts, just like certain other shortcuts in programming that are currently popular and also come with their own version of 1337 language.

And about the tools that enable ScriptKiddies or their modern equivalents to achieve some fast results, for which they have to pay later.

[tptacek]

Yeah, no, I get that, it's just not how anybody who actually broke into computers would think about this.

[DanHulton]

And it's not about those people. It's "Master Foo and the Script Kiddie", not "Master Foo and the Professional Red-Teamer".

It's about a fictional archetype, and the story isn't meant to be taken literally, it's illustrative for the sake of a lesson.

[tptacek]

I'm aware of what the story is meant to be about. I'm saying it's cringe, not that people should take shortcuts on everything.

[ForOldHack]

Boot to the head.

[lukan]

Enlighten us oh wise one then, how would they think?

But I assume you mean the moral of the story is to never break into computers?

I think you are wrong about that. I see the moral as, don't break into computers for the lulz. Especiall not, if you don't know what you are doing. The master clearly can break into systems. But doesn't do it. He feels no need to take stupid risks to proof his skills.

[tptacek]

I'm not "wise", I was just there at the time. Nobody ever looked at an easy to pop system and thought "oh, if I rexd into this host, the FBI is going to come knocking on my door". The prevailing spirit of the time was pretty close to "the only way to get anyone to show up at your door is to steal and use credit card numbers".

The story isn't about breaking into computers; it's drawing an analogy, of a careless action and an undesired consequence. My problem with it is that it's an undesired consequence of the variety dreamt of by Unix systems administrators of the time (we're gonna catch those rascally hackers and they're gonna get it!) and seen in the real world ~never. That doesn't make the moral of the story wrong (be careful), just cringe.

[hylaride]

As a former UNIX administrator (now cloud/devops/SRE/whatever), I can attest that when seasoned professionals are tasked to maintain systems that often run critical code (for finance, government, healthcare, etc) where we are often at the mercy of other groups (accountants, management, etc) treating us like a "cost centre" where proper investment can be hard will result in a very jaded and cynical outlook.

This is as much a defence mechanism as it is a calling card.

[loloquwowndueo]

What’s wrong with professional sysadmins? (It’s sysadmin appreciation day this Friday btw)

[ForOldHack]

The patchtape giveth,and the patchtape taketh away.

[tptacek]

Nothing at all.