Kids won't hack corporate systems. They'll hack each other, they'll hack and share nudes, they'll embarrass one another, harass, troll, and bully.
I was a member of many video game communities as a kid and DDOS attacks to disrupt game play, RATs and other tools to steal and sell virtual currencies, happened frequent and often.
I think the volume of destructive activities outweighs the constructive ones, even if many such perpetrators went on to become Software Engineers and Pen Testers for Meta, Google, and other companies. Like others I don't think they should be arrested for the less harmful examples - but there are lines that cause significant societal harm that should end in proportional punishments.
The entire history of hacking shows that kids will, do, and always have hacked corporate systems. They'll absolutely hack each other while they're at it, but much of that time will also involve hacking corporate systems. Even kids who hack video games are very often hacking corporate systems because it's corporations who control the game servers.
I would much rather have corporations and the countless third party companies/hardware/services they depend on all patching and hardening their stuff for fear of pesky children cheating in video games than let all those corporations become complacent. As it stands today corporations do only the bare minimum when it comes to security as repeatedly evidenced by the endless leaks and data breaches which rarely involve complex vulnerability chain attacks full of zero days and most often could have easily been avoided by protecting against threats that are very well known and for which solutions already exist.
The harm caused by trolls and cyberbullies is dwarfed by the harms these corporations would cause society if they had any less pressure to take even the most basic steps to protect our accounts and our data.
> I just see two problems in the world not "the lesser of two evils".
You're right about that. It's far from an ideal solution. I'd much rather if that pressure came from regulation that would consistently deliver severe consequences for any company that decides to cut costs/increase profits by neglecting their responsibility to protect our data and the systems and services we pay for and depend on. That way, all systems would be reasonably protected. We wouldn't have to worry as much about pranking teenagers causing disruptions and posting penis pictures, and it would still make it harder for the adult hackers to gain access and do much worse.
Kids absolutely do hack corporate systems. They do now, they did 10 years ago, and when I was hip deep in that scene in the early 1990s that's what they were doing. They also go after each other, but that's a side quest.
Kids won't hack corporate systems. They'll hack each other, they'll hack and share nudes, they'll embarrass one another, harass, troll, and bully.
I was a member of many video game communities as a kid and DDOS attacks to disrupt game play, RATs and other tools to steal and sell virtual currencies, happened frequent and often.
I was a member of many video game communities as a kid
Your youth maintained your innocence, consider yourself lucky.
you may never hadn't a clue at the time, but those pre-release builds, firmware dumps, decryption keys, _______ source code, pii dumps, debugging symbols, and other general degeneracy facets were not reverse engineered in a white-room environment by 17 year olds, but rather compiled and scavenger hunted from the depths of google, re-used passwords, internal email dumps, physical intrusion (yes), blind XSS that phoned home an admin panel months later....I could go on, but that was nostalgic enough.
I think the volume of destructive activities outweighs the constructive ones,
You are essentially promoting "head in sand", if not directly.
if many such perpetrators went on to become Software Engineers and Pen Testers for Meta, Google, and other companies.
50%/50% drugs to success - The bell curves both ways. But remember the context, 10 years ago, emailing a bug report could get your door kicked in.
Like others I don't think they should be arrested for the less harmful examples - but there are lines that cause significant societal harm that should end in proportional punishments.
This gets grey real fast.
After checking out your cart on a hypothetical web-store, you are redirected to the receipt page. Sharing the link with a cohort via email, you leave off a single digit in the r? parameter in the URL, causing a receipt from someone else to display.
It was a brisk fall dew-filled dawn the next morning when the State-Cyber-Police made their swift, immemorial performance. Donned with insignia "pastor sapientiae," they had long ago forgotten their purpose, aside from the prevention of the proliferation of the unwise and their defiance of authority.
I was a member of many video game communities as a kid and DDOS attacks to disrupt game play, RATs and other tools to steal and sell virtual currencies, happened frequent and often.
I think the volume of destructive activities outweighs the constructive ones, even if many such perpetrators went on to become Software Engineers and Pen Testers for Meta, Google, and other companies. Like others I don't think they should be arrested for the less harmful examples - but there are lines that cause significant societal harm that should end in proportional punishments.