back to article One in four UK schoolkids admits hacking

One in four UK youngsters have tried hacking into Facebook or webmail accounts, according to a new survey. An online poll of 1,000 school-age children in London and 150 in Cumbria discovered that the vast majority (78 per cent) knew that hacking was wrong. Despite this a substantial minority couldn't help themselves from …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    anecdote time...

    I remember back in highschool my friend was telling me about MSN messenger, for some reason he thought I didn't understand the concept of a username and password. He helpfully explained "You'll need to set a password, for example my password is xyz" I went home and used the genuine password he had given me to lock him out of his account.

    I gave it back shortly afterwards, but I don't think he's ever felt quite that stupid since.

    1. The Other Steve
      Unhappy

      MSN ???

      "I remember back in highschool my friend was telling me about MSN messenger"

      You had MSN Messenger in high school ? Fuck that makes me feel old.

      1. Anonymous Coward
        Anonymous Coward

        Makes me feel old too!

        Then again, we did manage to lock a teacher out of a VAX at college.

        Did the old classic keyboard watch over his shoulder and got his password.

        Logged in as him, wandered about the system for a bit, found it was all crap and boring, changed his password, logged out.

        No idea how we kept straight faces, but we did as he sat there trying to log on, again and again and again... Eventually he had to call the head of dept to reset it.

        Oh those were the days.

        1. Keith Oldham

          Re : Makes me feel old too!

          When we got our first Apple II in the lab I wrote a little program that showed the usual prompt ( ] I think), anyone that then typed in anything got the message "B*gger Off !" which remained for ~5 seconds, the program was then deleted and the normal prompt returned.

  2. call me scruffy

    This makes me sad.

    Skiddiots are bad enough, but password-guessing adolescents calling themselves "hackers" is .. no just go away, I'm too depressed to finish this sentance.

    1. Anonymous Coward
      Troll

      <title>

      Well technically it still counts as hacking, and when you're thirteen nothing sounds cooler.

      Troll icon because itreminds me of the little tykes.

    2. mafoo

      But thats a good thing (tm)

      Because if half of those people who had tried knew what an sql inject was well...

      ..well, we would probably have better written web apps for one.

    3. Jonathan 10
      Thumb Up

      @call me scruffy

      Hah, yeah it would be like calling a someone a locksmith; who's method for unlocking involved nothing more than a hammer.

      1. blackworx
        Pint

        @ Jonathan 10

        Or rather a locksmith whose method for unlocking involves taking the key out of the shining neon box next to the door which says "this shining neon box contains the key to the door" and then using it to open the door.

    4. Marvin the Martian
      Dead Vulture

      The UK, lowering standards since 1066.

      "We're all hackers now" is the message.

  3. Ned Fowden

    oh, now come on

    now hacking is now beig described as "guessing the users password"

    kids are mean little effers who mostly do this for kicks as it says ... there is no 'hacking' involved, it's simple guesswork

    can't wait to hear about the first case of some 12 year old who has had his/her password guessed and has chosen to prosecute the villain !

  4. Anonymous Coward
    Alert

    Yeah

    "Hacking", yeah, ok.

  5. The Original Ash
    FAIL

    Hahaha

    I remember running through all of the staff areas when I was at school because the guy who set up the network made MSWord run with elevated privileges. I ended up telling him how to fix it.

    This was before you were expelled and arrested for being smarter than your teachers, though.

  6. Si 1
    FAIL

    1 in 4 UK schoolkids don't know what hacking is

    Reminds me of the time I idly typed "tits" into a friend's laptop while he was tying a shoelace and was surprised to discover I'd guessed his password. I was obviously a 1337 ha><0r back in the sixth form.

  7. bothwell
    Thumb Up

    hacking lol

    If that's the extent of the 'hacking' abilities of today's 'hackers' then the future of information security is, er, a secure one

  8. adnim

    Let me correct the title for you

    One in four UK schoolkids admits running a program or script in an attempt to hack.

    1. Anonymous Coward
      Anonymous Coward

      d

      Don't people who call these elite hackers script kiddies normally get smacked up bad in the digital sense. Thier fragile little egos really are quite pathetic.

      I wonder about most of the commentards here today...are they upset because their title is being abused (and they are 1337 h4xxxx0rz), or are they upset because THEY were never called hackers?

      A/C just in case one of you is one of these fragile little 'kers

  9. Anonymous Coward
    FAIL

    news?

    News must be a bit thin on the ground today to waste people's time with crap like this.

    1. Anonymous Coward
      Anonymous Coward

      re: news?

      Thanks for taking the time to point that out - busy day?

  10. Anonymous Coward
    FAIL

    plod off

    "Hacking is illegal and we need to ensure everyone understands that.”

    No, it isn't. As usual the plod are blissfully unaware of what the law is around anything IT-related.

    1. Ross Ryles

      Ummmm

      You might want to check out the Computer Misuse Act.

  11. Eden

    So...

    It's illegal to try and guess someones password?

    O'RLY!!?!?!?!

    1. Anonymous Coward
      Joke

      Y

      Ya rly!

    2. The Other Steve

      Like totally

      See post further down w/r/t CMA Section 1 offences, but yah, 'rly, crime. True.

  12. Wolf 1
    Stop

    Ignorant Journalists and their equally ignorant editors

    Propagating false information, no less. Whatever happened to fact checking?

    Good God! It's bad enough the term "hacker" has been coopted by the bad guys, who should actually be known as "crackers", probably derived from "safe cracker".

    Setting that aside, guessing a password is NOT HACKING. Jeez.

    Hacking (in current usage) is creating programs tha do bad things.

    Guessing passwords is more akin to tresspass. It takes no programming at all--in fact it doesn't involve anything more than using a computer the way it was intended to be used!

    So your headline should actually be "1 in 4 UK students admit to trying to snoop on others accounts". But that doesn't have the magic word "hacking", does it?

    I expect better of you. Try not to make a habit of such shoddy reporting. If I want this kind of story, I'd read the Sun.

    1. The Other Steve
      FAIL

      Ignoramus

      "It's bad enough the term "hacker" has been coopted by the bad guys,"

      It wasn't, it was 'co opted' by the media. How old are you ? Twelve ?

      "Hacking (in current usage) is creating programs tha do bad things."

      In your opinion, which is probably only locally correct. See for instance the popular web site "Hack a day", which is largely focussed on hacks that don't involve "programs that do bad things". But this argument is older than the internet, and I'm bored to death of it.

      "Guessing passwords is more akin to tresspass"

      No, actually, it is more akin to a criminal offence under Section 1 of the Computer Misuse Act 1990, viz :

      "1) A person is guilty of an offence if—

      (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;

      (b) the access he intends to secure is unauthorised; and

      (c) he knows at the time when he causes the computer to perform the function that that is the case."

      http://www.opsi.gov.uk/acts/acts1990/ukpga_19900018_en_1#pb1-l1g1

      You can see where it very specifically doesn't say anything about trespass.

      1. PirateSlayer
        Grenade

        Hum

        I was told cracking is legitimate hacking :D...

        Nasty hackers

        Angelic crackers.

        1. The Other Steve
          Happy

          Nooooooo!

          "I was told cracking is legitimate hacking :D.."

          Oh good god, it's bad enough that the seeping wound of the hacker definition argument has been opened, for the love of pete, please don't drag us down the white hat/black hat flame war route as well, the Fail Icon will never withstand the pounding :-)

          1. No, I will not fix your computer
            Stop

            Weak.

            Words mean whatever you mean them to mean, the only sad thing these days is that people insist on defining words in dictionaries so that language stops growing and developing, we have to invent new words like "chav" just to get by (someone actualy said "lol" as a word in a conversation the other day), most Atheists (who call themselves such) wouldn't say that gods don't exist, more likely that gods almost certainly (or probably) don't exist, but very few dictionaries will reflect this defintion (and instead, would call them agnostics by definition) the question is who is right, society or the dictionary? (queue the regular "decimated" definition argument).

            If you're irish and call someone a "cute whore", you mean that they are a cunning person (possibly for selfish reasons), put that into google and you're more likely to get a flood of porn sites, so who is right? society (if google hits count) or the person who used the phrase?

            Look up a certain popular four letter c word often used as a "the worst insult possible" (although I am a fan) and it has meant many things over the years but now those bastards who put it in black and white tell us what it means.

            1. Eddie Edwards
              Headmaster

              Welcome to subjectivity

              "Atheists (who call themselves such) wouldn't say that gods don't exist"

              I doubt you would find Richard Dawkins being so moderate.

              Atheists believe in "no gods", not "probably no gods".

              People with a more moderate / scientific position call themselves agnostics, in a tradition almost as old as the scientific method. This is why the word agnostic was coined, FFS, so that people who reject atheism as a non-empirical belief can still have a word for their point of view.

              That's my understanding, anyway. The redefinition of atheism as equivalent to agnosticism is a new one on me. Why have two words then?

              1. No, I will not fix your computer
                FAIL

                Re: Welcome to subjectivity

                It's very rude to deliberately mis-quote somebody when it fits your needs, I said "most Atheists (who call themselves such) wouldn't say that gods don't exist", note I said "most" indicating that (in my personal experience) "most" Atheists hold this view, in fact I have never met an Atheist that said that they "know that gods do not exist".

                Atheists do not believe in any gods, probably because in all liklyhood no gods exist.

                An agnostic however is the worst kind of fence-sitter, one who gives up their right to an opinion.

                >>I doubt you would find Richard Dawkins being so moderate.

                Dawkins defined belief on a 1 to 7 scale, 1 being "I know for a fact gods exist" and 7 being "I know for a fact gods do not exist", 4 is "perfect agnosticism" where the existence of gods is 50/50, Dawkins defined himself as 6.9, so I guess you would find Dawkins being so moderate.

                Oh and just to add more fail to your plate, aspects of the "Scientific Method" can be tracked back to Babylonian times and beyond, thousands of years whereas "Agnostic" is a word made up by Thomas Huxley around 1889.

                My guess is that peope who call themselves agnostics are Atheists but just scared to call themselves Atheists just in case they are wrong and burn in eternal hellfire, but here's a an idea for you, if gods do exists they know you're just trying to cheat and you'll burn anyway, stop being a coward and have the courage of your convictions, it's much better not to live your life in fear.

                All this is an aside, the point is one of language, if the dictionary defintion of an Atheist is one who knows there are no gods then they would be a very small group, and certainly not representitive of most people who call themselves an Atheist.

      2. Wolf 1

        Sigh

        Look, I'm not arguing law, which has no rationality behind it (only what an opportunist can convince idiot lawmakers of), I'm arguing fact. Trespass is entry where you aren't permitted to be. Guess what guessing another person's password does? :)

        As for who co-opted what, why do bad guys refer to themselves as hackers? Although the media certainly didn't help the situation.

        And given the word's origin, it means exactly what I said it means. Anything else isn't hacking, it's either fraud or trespass. A hack was originally an elegant piece of code, now it's a piece of code with evil intent.

        1. The Other Steve
          FAIL

          3vil

          "Look, I'm not arguing law, which has no rationality behind it (only what an opportunist can convince idiot lawmakers of), I'm arguing fact. Trespass is entry where you aren't permitted to be. Guess what guessing another person's password does? :)"

          Violates S1 of CMA1990. I don't need to guess because it's written down and everything.

          "Anything else isn't hacking, it's either fraud or trespass"

          See above. And when you use the term Trespass, you are indeed arguing law, since it has a very specific legal meaning (actually a set of them, depending on what it's being applied to, speaking of which ... )

          "And given the word's origin, it means exactly what I said it means. Anything else isn't hacking, it's either fraud or trespass. A hack was originally an elegant piece of code, now it's a piece of code with evil intent."

          You appear to lack a clue as the etymology of the word, which I promised myself I wouldn't get into, but never mind, in fact it originally meant a prank and still means many things other than "piece of code", with or without evil intent, but that's all you're getting.

          However, let us agree to disagree since, as Caroll's Humpty Dumpty aptly quoth : "When I use a word, it means just what I choose it to mean -- neither more nor less"

  13. Sonny Jim

    It's no use

    There's no point in trying to defend the hacker definition any more, rather than meaning "Someone who likes to mess around with electronic equipment" it is now a catch all term for "Someone using a computer in a way that isn't approved by Microsoft/Government/Police/Workplace".

    The worst part is that if you point out a security flaw, you are more than likely going to be labelled as a 'hacker' and be punished for it!

  14. Dark Horse

    coolness factor?

    1 in 4 kids admit to something that sounds cool? Hmm...

  15. lukewarmdog
    Badgers

    quarter of all kids

    try and get on their mates social networking sites.

    most of those don't use secure passwords themselves.

    tl;dr kids are basically stupid.

  16. Anonymous Coward
    Anonymous Coward

    When I was at school

    One of my friends claimed their uncle was Mr T

    Kids say a lot of things, most of it bollocks

    1. Thecowking
      Thumb Up

      His uncle was Mr T?

      That's serious cred.

      On a side note, I was willing to believe a lot of things at school if they were interesting enough. From now on my uncle will be Face.

  17. jon 77

    next: schoolboyz have sex with multiple partners... :)

    yes mate :) I totally bonked 'er, I'm a macho man! all those girls relly want me, I'll be givin plenti tnite...

  18. Kwac
    FAIL

    What I find disappointing

    is that 75% HAVEN'T.

    Kids today, etc.

  19. Anonymous Coward
    Anonymous Coward

    Pranks & Japes

    Said Mr Rozzer, Children need to understand that Pranks and Japes is a crime so serious that you can be extradited to the US without sight of evidence, and go to jail for a gazillion years.

    You can detained without trial while we search your computer, and if we find a dirty picture we don't like, you can be imprisoned and be put on a register which will stop you getting a job for the rest of your life.

    So kids, DO NOT COMMIT PRANKS AND JAPES!

    And don't get me started on scrumping.... or GRAND THEFT BRAMLEY, as I like to call it.

    Yours,

    Mr Unbalanced Rozzer

  20. EvilGav 1

    Not hacking . . .

    . . . but then we all know that. It's not even cracking. It IS social engineering, of a sort.

    Back in the day, when I were a lad, I remembering cracking at school, altering code on the school system - nothing special, just made it report that i'd written all the fancy maths programmes that were used and altered the odd equation here and there to give the wrong answer.

    Once I left school, I moved on to hacking proper - spoofing the old Unix routers, bypassing security on websites etc etc. This all stopped when it became a world of script kiddies intent on causing havoc - myself and my cohorts were only ever interested in seeing what we could make the internet servers do that they weren't meant to.

    1. PirateSlayer
      Megaphone

      fff

      What you do in the privacy of your home with your equipment and your wires and your data and your websites is your business.

      Universities often have facilities for hackers to practice their skills...doing it in public is like pissing in someones private swimming pool because you can and is therefore wrong.

      If what you call "social engineering" keeps prepubecent teenagers out of my inbox (and dismal mid twenties/early thirties vouyers), all the better!

    2. The Other Steve
      FAIL

      The other one haf got bellf on

      "This all stopped when it became a world of script kiddies intent on causing havoc - myself and my cohorts were only ever interested in seeing what we could make the internet servers do that they weren't meant to."

      Oh puke. Really ? you just played the "curiosity is not a crime" card ? GTFO.

    3. Euchrid

      re: Not hacking

      It's not even a sort of social engineering. When hackers say they 'social engineer' is a tarted up way of saying conning someone...let's not make it sound more impressive than it is.

  21. blackworx
    Headmaster

    Pull the other one

    When I was 13 I told all my mates I could "hack into" the local bank with my ZX Spectrum and the credulous twits believed me. Even better than that was the ubiquitous story-topper who instantly claimed to have "hacked into" NASA. Ah childhood, how I don't miss it.

  22. Valerion
    Stop

    guessing a password != hacking

    I was fixing my next-door neighbour's daughter's laptop the other week. I booted it up and was faced with a password. I tried a blank password which didn't work, but then Windows gave me a hint. With that hint I guessed it in one try.

    Guess that makes me a l33t hax0r too.

  23. The Indomitable Gall

    Disgraceful! In my day...

    In my day, kids engaged in totally legal play. We had wholesome games like "plundering apples", "lifting stuff from Woolies", "running on the railway tracks", "crawling under the security fence", "building-site hide-and-seek". Some of my favourite toys were obtained in the course of that last one.

    Kids today just don't have the same respect for the law.

  24. Lord Lien
    Paris Hilton

    Real hackers...

    ... would never admit to doing it. So have we just been told that 1 in 4 school kids is a liar?

    @ Blackworx I did the same thing on my 48k when I was 12. I hacked into a bank & gave myself an account with a million pounds, but I was to scared to try & with draw the money... well that's what I told my idiot mates at the time & they believed me.

    @ Valerion you forgot to add UBER to the start lol

  25. Juillen 1
    Pirate

    Back in the day..

    At Uni, we used to have a game of see who could get root on the Uni systems the fastest. We never broke things, and in fact policed it far better than the overworked sysadmin (one year we found a remote attacker who was making naughty changes, and passed on the 'good news').

    Really, that time taught me more about general security than all the 'briefings' an training since; it teaches you ways of thinking to apply to your own systems to protect them, which is a great thing.

    These days, if I got up to that, no doubt I'd be kicked off campus and the course, and probably fed to the authorities to be fined and locked up for a few years, never allowed to touch a keyboard again as a "threat to society".

    In the early days of the 'net, I used to play around, and if I found something awry, send a polite message to their admins with patch recommendations. More than one would leave a polite "thank you" note in a public area; not enough to state what'd been done, but enough for those who knew to appreciate the thanks.

    Again, these days, it'd be up in front of the beak first thing, and in the slammer in no time (maybe extradited as a terrorist).

    It does get me down at times, looking at the contrast of the way things used to work, and the rank stupidity and fear I see now. And the lawyers keep telling us that the emperor's new clothes are indeed most fashionable.

  26. Paul Hates Handles

    1 in 4?

    I'm sure it's more like 4 in 4...

    And my nuts is that "hacking". Just like looking in the drawer you think dad hides the porn in isn't burglary.

  27. The Other Steve
    FAIL

    Awesome !

    "It does get me down at times, looking at the contrast of the way things used to work, and the rank stupidity and fear I see now."

    Yeah, you're right, prosecuting people for breaking the law is, like, really lame.

    And that's two "curiosity is not a crime"s and counting. Place your bets.

  28. Anonymous Coward
    Black Helicopters

    Gin!

    Heh, as a l33t d00d from the lake district, i can attest that there's bugger all else to do in cumbria at the age of 13, other than snatch the old lady's gin and sit in a park/field/forest.

    Though i doubt any kids these days even know the ' or '1'='1'-- trick. Not that it helps when hacking your mates facebook page, better off phishing for that sort of thing really.

  29. Anonymous Coward
    Grenade

    *sigh*

    Cracking is not hacking, silly.

    Anyway. College - VT100 terminals, mainframe logon screen and everything logged

    My only option was to write something that looked like the logon screen and walk away.

    eejot tries logging on on my dumb screen

    username and password written to file in my account

    screen sends obviously wrong password to proper logon mechanism whilst logging out

    Proper system says 'wrong password please try again'

    eejot tries again and gets in

    I got their username and password account

    this was in 1985. nothing new here

  30. Daniel Evans

    Title

    LOOP:

    SET /P Choice="%CD%>"

    %Choice%

    GOTO LOOP

    2 years later, this is still the best that anyone in my school has yet to come up with - and I assume that most kiddies haven't done much better...

  31. This post has been deleted by its author

    1. The Other Steve

      Hmm

      Actually I doubt _they_ said it at all, given the consistent use of the term across the various media that are reporting this, I suspect it was the term used in the press release.

  32. RichardB

    @the otehr steve

    "No, actually, it is more akin to a criminal offence under Section 1 of the Computer Misuse Act 1990, viz :

    "1) A person is guilty of an offence if—

    (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;

    (b) the access he intends to secure is unauthorised; and

    (c) he knows at the time when he causes the computer to perform the function that that is the case."

    http://www.opsi.gov.uk/acts/acts1990/ukpga_19900018_en_1#pb1-l1g1

    "

    But surely possession of the password indicates you _are_ authorised - by definition.

    1. The Other Steve
      FAIL

      No,not at all

      Try reading the legislation instead of just guessing

  33. zenkaon
    Pint

    In my day....

    I would hack into my classmates accounts and nick their coursework, then delete their copy and leave pron in their user area.

    Me and my mates also had several teachers login details which was a lot of fun. We also used to play doom and duke nukem 3d in IT classes, with (the same) 5 PCs rebooting at the same time when the teacher came back.....good days.

    I ended up being banned from all IT (including the IT class) for the last year and a half of my GCSEs....

  34. heyrick Silver badge
    FAIL

    "Hacking is illegal and we need to ensure everyone understands that.”

    Children smoking is illegal. Drunk tweenies is illegal. Girls popping out babies before or around their 16th implies something illegal took place. Driving too fast in a town is illegal.

    Contrite crap like that is pointlessly stating the obvious. Those who know, know, and those who don't are probably having too much fun to care...

    [back in my day, Econet was dead easy to hack, mobile phones were unheard of, and telephone charges for BBsing would incur incontinence in all but the well-paid... but, dammit, we understood the function of a computer inside out, none of this "black-box-it's-complicated" nonsense!]

  35. Fred Flintstone Gold badge

    So it wasn't China!

    Google, take note*

    (") Accidental good point - never heard what precisely they found. One hell of a killer "take your kids to work" day!

  36. Anonymous Coward
    Stop

    Oh really?

    Less than one in four school kids has enough brains to do even a trivial hack.

    More like one in four answers yes to impress their mates.

  37. Anonymous Coward
    Thumb Up

    this is *good*

    Now 2 in 4 school kids know from experience to use decent passwords.

  38. Andeh
    FAIL

    Hack fail.

    As a Cumbrian student myself, I severly doubt this, of my school of 1,500 I can think of two people capable of doing anything close to 'hacking'.

    Bravo Cumbria. Bravo.

  39. Ben Norris

    rubbish

    1 in 4 kids admits whatever you ask them

This topic is closed for new posts.