Scribd
Upload
38 views1 page

Gray Hat Hacking 36

The document discusses zero-day attacks, which are vulnerabilities without available fixes, and how they are sold to hackers and organized crime. It highlights the ethical gray areas in technology, particularly with peer-to-peer file sharing protocols like BitTorrent, which complicate legal accountability for illegal content distribution. The text also mentions various BitTorrent trackers that have faced legal action for hosting such material.

Uploaded by

digapo7593
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
38 views1 page

Gray Hat Hacking 36

The document discusses zero-day attacks, which are vulnerabilities without available fixes, and how they are sold to hackers and organized crime. It highlights the ethical gray areas in technology, particularly with peer-to-peer file sharing protocols like BitTorrent, which complicate legal accountability for illegal content distribution. The text also mentions various BitTorrent trackers that have faced legal action for hosting such material.

Uploaded by

digapo7593
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Gray Hat Hacking, The Ethical Hacker’s Handbook, Third Edition

8
Some hackers also create and sell zero-day attacks. A zero-day attack is one for which
there is currently no fix available and whoever is running the particular software that
contains that exploitable vulnerability is exposed with little or no protection. The code
for these types of attacks are advertised on special websites and sold to other hackers or
organized crime rings.

References
Alinean www.alinean.com/
Computer Crime & Intellectual Property Section, United States Department of
Justice www.cybercrime.gov
Federal Trade Commission, Identity Theft Site http://www.ftc.gov/bcp/edu/
microsites/idtheft/
Infonetics Research www.infonetics.com
Privacy Rights Clearinghouse, Chronology of Data Breaches, Security Breaches
2005-Present www.privacyrights.org/ar/ChronDataBreaches.htm#CP
Robot Wars: How Botnets Work (Massimiliano Romano, Simone Rosignoli,
and Ennio Giannini for hakin9) www.windowsecurity.com/articles/
Robot-Wars-How-Botnets-Work.html
Zero-Day Attack Prevention http://searchwindowssecurity.techtarget.com/
generic/0,295582,sid45_gci1230354,00.html

Recognizing the Gray Areas in Security


Since technology can be used by the good and bad guys, there is always a fine line that
separates the two. For example, BitTorrent is a peer-to-peer file sharing protocol that al-
lows individuals all over the world to share files whether they are the legal owners or
not. One website will have the metadata of the files that are being offered up, but in-
stead of the files being available on that site’s web farm, the files are located on the
user’s system who is offering up the files. This distributed approach ensures that one
web server farm is not overwhelmed with file requests, but it also makes it harder to
track down those who are offering up illegal material.
Various publishers and owners of copyrighted material have used legal means to
persuade sites that maintain such material to honor the copyrights. The fine line is that
sites that use the BitTorrent protocol are like windows for all the material others are
offering to the world; they don’t actually host this material on their physical servers. So
are they legally responsible for offering and spreading illegal content?
The entities that offer up files to be shared on a peer-to-peer sharing site are referred
to as BitTorrent trackers. Organizations such as Suprnova.org, TorrentSpy, LokiTorrent,
and Mininova are some of the BitTorrent trackers that have been sued and brought off-

You might also like