[Fsf-friends] Fwd: Ankit Fadia -- my childhood hero!

Prabhat Sandheliya prabhat.news@[EMAIL-PROTECTED]
Wed May 3 10:35:53 IST 2006 

---------- Forwarded message ----------
From: Prabhat Sandheliya <prabhat.news at gmail.com>
Date: May 3, 2006 10:34 AM
Subject: Fwd: Ankit Fadia -- my childhood hero!
To: lug-indore at googlegroupes.com

Hey guys,

Her is the latest news in Ankit Fadia Case. I would Like you all to
introduce Mahesh Aravind. He has written, such a wonderful and though
provoking mail. Thanks man !

Prabhat.

Here is the original message by him :
-------------------------------------------------------------------------------------------------------------------
From: Mahesh Aravind <ra_mahesh at yahoo.com>
Date: May 2, 2006 4:38 PM
Subject: Ankit Fadia -- my childhood hero!
To: prabhat.news at gmail.com

Prabhat,

> Yesterday (03-04-2006)I attended a seminar by a so-called "Hacking
> Guru" Ankit Fadia, at DAVV, Indore (MP) auditorium. I just want to
> share my feelings with you.

I read your mail (re: Ankit Fadia's fraudulent certificate), forwarded
to ilug-cochin mailing list.  It was excellent.  Other than that, I
can't find words to describe it.  These were the "revelations" I had in
the recent few years.  I thought I was the only one who didn't accept
Fadia as a "hacker", knocking him off discussions as just a wannabe kid
backed by a loooot of media hype.  Cracked Osama's message, huh?

I'm not a hacker, just a wannabe.  I'm a laaazy wannabe that 3-4 years
ago I set out myself and went to get a `Hacking Book', instead of D-I-Y
learning.  What caught my eye (due to then recent media hype) was
_Unofficial Guide to Ethical Hacking_, written by India's "young(est)
hacker whiz kid" -- Ankit Fadia.

I thought: Cool, this kid is only 16 (read: younger than me!)  and he
wrote a (I don't feel the same today) top-notch chapter on TCP/IP, a
subject, whose core is still an uncrackable nut to many network
professionals.  Wow, *he* is something!

At this moment I like to explain that, I hadn't reached enlightenment
(or sought "nirvana") and was still stuck with (how horrible those days)
Windoze.  Cracking windows security, musta been something of weight.
Oh, manipulating the registry(!!!), woohoo!  Can be a `real hacker'
among my school mates..., yipee!  And at those times, I hadn't realised
that a real hacker just doesn't show off!

Months later, a lot(!) learned (from other "real" books), I stumbled
upon [blacksun.box.sk] -- the so-called Black Sun Research Facility.
Going through their archives, I was astonished to see that many articles
were a copy of the chapters from the book, I paid Rs 385/- to buy.  But
then I was forced to think the other way: all these articles (or
"philes") had some or other cracker `handle' as the author.  Hey, how
can these foreign (at then mostly Israeli) hackers get an Indian book's
extract?

These "philes" were word-to-word match with the Fadia's book.  Then I
came to know the Fadia's (then) website [hackingtruths.box.sk] was
hosted in the same domain.  Bingo!  This kid is a fraud!  I shoulda
known it when I saw non-English comments to some of the so-called
virus(!!) asm source code fragments.  Somewhere (I don't recall where),
I also read that Fadia was thrown out of BSRF for copy-pasting their
articles, and not attributing the relevant credit to their authors.  I
think, nowadays articles at BSRF bears Fadia's name as the author.  Not
sure, cause nowadays I don't like (or want) to go to script-kiddie
sites.

> The seminar topic was "Ethical Hacking", now I want to ask Mr Fadia,
> what is unethical about hacking ?  Hacking is very positive word and
> there in no need to put "Ethical" before it.  By the way his seminar
> topic should be "Ethical Cracking".

Quite right.  I think we need conduct more campaigns to restore the
`media defaced' image of the `sacred word'.  And, I think there's also a
course called CEH (Certified Ethical Hacker); which looks like an
internationally acclaimed course [ www.gocertify.com/article/ceh.shtml].
What do you think of it?  Please let me know.

> If you really want to become a hacker, please read an article by a
> real hacker, Eric Steven Raymond (ESR). The man who changed the
> history by writing a paper "Cathedral and Bazaar".

This is what showed me the path, got me into "it"... and _our_ history
revealed to me by ESR's Jaron File.  I've read (tried to, at least)
*all* his articles/essays.  From _Halloween docs_ to _Sex Tips For
Geeks_.  I owe him much more than one!

> The people who can not differentiate between hacking and cracking,
> should read an article by the GOD of hackers Richad M Stallman (RMS),
> the man who started GNU movement all by himself. The gcc (compiler),
> gdb (debugger), emacs (editor) are some of the most popular softwares
> in the world written by him.

I particularly like this -- RMS *IS* GOD!
(Please check the spelling: RMS is Richard Matthew Stallman)

But these s/w could have been better captioned as GCC (compiler _suit_),
GNU Emacs (Integrated <substitute-what-*ever*-you-want> environment).  I
for one breaths, eats and sleeps inside Emacs.  This very mail was
composed in it.  Of late, I've been plotting to put `/usr/bin/emacs' as
my shell in /etc/passwd!

> The things Fadia demonstrated were ancient techniques used by crackers
> to break into some one's machine.

In the book too, mostly he gives us a list of common, default passwords
and asks us to try our luck.

> IP spoofing, SQL Injection, password cracking softwares, Trojan horse
> programs, these are the tools of cyber criminals. So I wonder what is
> the significance of the term "Ethical" here ??

Did he mention all this?  I wonder from what site he learns all these
"theories"?

One particular book I liked very much is _Stealing the Network: How to
Own the Box_, by Syngress Publications.  It describes real
hacking/cracking techniques, in fictional stories, using `bare' hands
and crazy, creative ideas.  I'll say its a must-read for anyone into
computer security career.

Any pointers for a freely-downloadable _The Cuckoo's Nest_?

> The entire session was demonstration of third party utilities, and the
> saddest thing was no mention of the name of any author of any utility.
> He didn't care to give some credits to the utility developers. What a
> shame !!!

Great!  What an attitude?  Something like Micro$oft's `Embrace and
Extend' policy: What yours is mine, and what mine is mine!

> Second most annoying thing was that he calls himself a "hacker" and
> was using a Windows XP operating system ????

A Windoze hacker, huh?  Windows is not even an operating system; its an
Un-Operating System!

To quote _Unoffical Guide to Ethical Hacking_:

    There is a common belief that Windows is very insecure, but then Red
    Hat too is not so great in the security sphere.  There are nearly 50
    known ways to get root on a Linux box.  The reason why hackers have
    found so many more holes or bugs in Windows is due to the fact that
    it is the most widely used OS in the world and the largest number of
    hackers have a go at Windows Security.

    The only thing that is in support if Linux is that fact that it is
    free and spreads the concept of open source and well, performance.
    However, while Linux's performance is better, I do not agree to what
    people say about the low Windows security.  So, I think there is
    nothing wrong in using a Windows box for hacking.

What can you say to this?  Some people *never* learn!

> Any confirmation of him decrypting Osama's message = 0
> (Hahahahahahahaha)

Does Osama use Windows?

> I tried to read a few books by him, but to my wonder some part of his
> books are nothing but simple "copy and paste" material from well known
> sites for Windows registry editing.

Recently a book was released by him on _Email Hacking_.  Not
surprisingly, many of my friends' Yahoo! a/c started disappearing, some
lost their mails, others got Mailer Daemon failures for mails that they
never sent but bears their email id in the `From:' column, etc.  Some
even accused *me* for `hacking' their a/c's (honestly, I didn't, I never
wanted to, and I don't know how to do it).

Any news like this in your locality?  Maybe we can sue him for promoting
and encouraging criminal activities.

> Oh God !  this is the clear violation of intellectual property rights
> of the website. Please inform the webmaster. I have done it already.

You being a fan of RMS, please don't use the term <quote>intellectual
property</quote>.  There is no such thing!  Do visit
[www.gnu.org/words-to-avoid.html].  Thoughts and ideas can't be owned
and copyrighted (or patented for the matter).

> I was astonished by the course he came to promote here, "Ethical
> hacker certified by Ankit Fadia" !

"Ethical MESS-DOS(r) Hacker certified by Ankit Fadia".  Sounds cool!  I
wonder what language does he work on?  Microsoft Visual COBOL?

> Unfortunately, question and answer round was cut from the seminar,

Or he will have to *answer* some of those.  How can he, when he follows
some of them step-by-step from various "underground" sites?

> Anyways, I went to him at the end of the seminar, and asked if Windows
> is so vulnerable, can he suggest audience to use Linux rather than
> Windows. And the reply came was straight "NO". What a shame ???

Shame?  Not for him, of course.  Obviously, he finds "Linux" too hard
for him to contain and operate, let alone "hack"!

> The reason is same why Microsoft does not patch up it's OS. Plain
> economics. If you make system secure with Linux who is going to ask
> for people like Fadia, so called "security expert" ???

Or people who are MCSEs?
(MCSE: Minesweeper Consultant and Solitaire Expert)

> And for god sake, stop behaving like a child, now you are in college,
> so GROW UP !!!

Just out of curiosity, what course does he pursue?

Anyway, its good to know that *some* action is going out there to "shed
light on" this incident.  I fully appreciate it, and like you asked,
I'll warn my friends about it.  How can I cooperate?

First of all, I think I'll subscribe to your mailing list.

Best of Luck and Happy Hacking!

Regards,

Mahesh Aravind
-----------------------------------------------------------------------------------------------



--
Prabhat Sandheliya
---------------------------------------------------------------------
Promote Linux - Join mailing list :
http://groups.google.com/group/lug-indore
(Linux Users Group - Indore)

More information about the Fsf-friends mailing list