A bit of a background before I begin this post. Ankit Fadia is zis guy, an alumnus of Delhi Public School R K Puram, who *claims* he’s this hotshot hacker, over whom ‘certain undisclosed security agencies in the USA’ always call using the Bat-signal whenever Osama bin Laden sends an email ordering Viagra.
Anyway, I turn up at the venue to find nobody to guide people around. Mystified, I found my way around and made it to the auditorium. (Tapadia Auditorium, Aurangabad, Maharashtra)
After making everyone wait for about 30 minutes beyond the scheduled time, this CL guy Harpreet Dhody goes on stage, and makes cheesy lines like (my commentary in square braces)…
If you got an opportunity to meet Einstein or Stephen Hawkins [yup, THAT's what he said], will you give it away? No! Same for Ankit Fadia…blah…blah……a premonition of how bad the evening was gonna be. Anyway, the show must go on, and Mr Fadia came on stage…
How many use the Internet? Stop using it, it’s unsafe…
How many use Google? Stop using it [yay!], because it keeps logs [duh, they need to make money]…
How many use web mail like Yahoo, Hotmail or Gmail? Stop using it, they keep records too…
…and RIGHT there on the screen, in the presentation we had…
Too sad that it was a dark hall, and the pictures didn’t come out well for me to show you guys this.
Anyway, he got on with great relish to start explaining about how privacy is a big issue; and told the case of some woman staying in a one-room apartment in Mumbai four years ago who had broadband Internet (Eh? Broadband, FOUR years back? Must’ve been Sify, who still call 64 kbps ‘broadband’), and how some Big Bad Wolf turned on her webcam 24×7 or something. Then he took another case…
…NASA’s systems were hacked by an 11-year old Russian teenager, who diverted a rocket around in space after it was launched…caused billions of dollars in damage as the spacecraft was lost…
He moved on to talking about hiding IP addresses, which he made pretty interesting for the general audience. After that, and after mentioning proxy servers, proxy bouncing, etc., he decided to speak on anonymising…
…and then how he saved paying Australian $20-30 at some Sydney hotel because he found unsecured hotspots nearby…
…use encryption standards like WEP…
For the slightly intelligent people out there, you’d probably be knowing that WEP was a standard dropped WAY back in favour of newer stuff like WPA and WPA2; because WEP has flaws which enable stuff like AirSnort and AirCrack to prise open the Wi-Fi clamshell in a short time…
Next up was email spoofing, where he didn’t even bother to show the theory behind it. Instead, he opened this page; and proceeded, with utmost pride, to show that he knew how to fill an HTML form, explaining each and every step (“press tab to shift focus to the next field” – sounds hi-fi, doesn’t it?), and then finishing with “all you need to do now is click submit”, on a laptop which didn’t have an Internet connection.
After that, he showed steganography, which is basically encrypting images in innocent looking photos (like that of Avril Lavigne, which he used). Now what he claimed then (and has for quite some time) is that after the 9/11 attacks in USA ‘certain undisclosed security agencies in the USA’ intercepted messages from Al-Qaeda and sent them to our dear friend because they couldn’t figure out what it was. Our dear friend, as he says, couldn’t figure out anything for 3 weeks, and in the 4th week (yay, Google search!) it struck him that it could be this. Our dashing young frood then told his masters in the US, and got the license to have his martini shaken AND stirred. I might add here that the sarcasm + wisecracks here are by me, lest you think he’s a (non)sense of humor.
Amazing story, except for the fact that NO publication except the USA Today ever spoke of US agencies intercepting ‘such messages’ – and I might add that the guy (Jack Kelley) who wrote the story was later fired in 2004 for ‘fabricating false stories and sources’. Hmm.
Mr Fadia then proceeded with a ‘live hacking demo’, where he had installed a trojan (NetBus, in case you’re curious) on his OWN laptop and ‘connected’ to it on his own laptop, and showed its various features (he can be a good salesman). He then proceeded on how India has been losing out in the cyber war against Pakistani hackers…
…they hack 50-60 Indian sites daily, while we can only do 10-20 of theirs…
Don’t try this at home, this IS breaking cyber law, but since it’s Harpreet’s laptop, he’ll be legally responsible if anything is caught…
…during which time that CL guy’s EXPRESSION was (MasterCard) priceless. Anyway, he opened up BSNL’s admin page, and proceeded to do his ‘live hacking demo’, where he entered username as admin and password as ‘=’ OR ‘=--’, which he referred to as the *magic code*. Even on being asked multiple times by some people in the audience. Nothing ‘magic’ about it, it was a simple SQL injection attack.
With that, we came to an end, and I asked for his autograph (AND photo wit); which, BTW, I was not supposed to get unless I’d joined his course, but I haven’t come across too many people who refuse autographs…
Now I *have* to admit at the end that Ankit Fadia is stunningly brilliant at explaining dry-as-Egyptian-mummies (for general people) topics like proxies to portly gents in an easy manner. He’s also pretty good at keeping audiences engaged with such boring stuff. I’d therefore say…
My rating of how useful Ankit Fadia’s Certified Ethical Hacker Course will be for a normal Joe: 5.9 / 10
As I said, geeks won’t find anything here they don’t know; and the title is pretty pretentious anyway. Yes, for normal people however I’d say this course would be pretty good to get them stuffed with basic knowledge on what the f**k exactly is going on when they use the Internet and HOW they might be conned. However, it WILL sorta give them the feeling that they’re top class hackers now, which they aren’t. That false sense of security isn’t something very good on the Internet.
Ankit Fadia
fadia.ankit@gmail.com