Three Fundamental Questions

by MasterChen (@chenb0x)

A little while ago, I was asked by a friend of mine to help her strengthen her foundational hacker knowledge.  Generally speaking, this meant broad conceptual knowledge about programming, networking, encryption, and security.  The hacker mindset goes well beyond any of these categories, but they cultivate a solid foundation.

During our first training session, I had to convey how I think of things with regard to hacking.  How can my thought process be simple to understand, convey broad concepts, and remain widely applicable?  It was during this first session with my friend that I thought about these three questions.

The first question is, "What is it doing?"

The "it" being whatever the subject of study is.  As an example, we'll use a basic lock.  What does the lock do?  Well, the lock locks and unlocks under the right conditions: the proper key being inserted and turned, or the correct combination being entered.  Whether we are talking about door locks, padlocks, or combination locks doesn't matter.  They all have the primary function of locking and unlocking under proper conditions.  That is what they do.

So, the second question is, "How does it work?"

Or, to put it another way, "How is 'it' doing what 'it' does?"  Still using the lock example, we know that the lock locks and unlocks, but how?  If it's a padlock or classic door lock, the inner cylinder of the lock is secured by pins and springs that are set in place and should only move to a position that gives way when the proper key is inserted and turned.  Or, in the example of the combination lock, it stays locked until the tumblers are set in place by moving a dial.  This is a short description, but it illustrates the second question.

The third question is, "Under which circumstances does it break?"

This question can be applied towards both sides of the coin.  If we know how it breaks, we... break it, as an offensive play.  Or since we know how it breaks, we may know how or where to fortify, as a defensive play.  Note that fortification may also include replacing the technology with something better or more up to date.  Again, taking the lock example, we know what it does and how it does what it does, but are there ways we can make the lock work without the necessary tools like a key or a combination?  A tension wrench and a pick could be a workaround to not having the proper key.  A mathematical weakness in the combination allows for quicker cracking.  These are conditions under which the original design or intentions break down.

I have tried to think of these questions as a broad perspective on anything that can be hacked, which we know is everything, from the simple to the very complex.  If you are a beginner, I hope these questions help guide you in your journey.  If you consider yourself to be more mature in your journey, I hope these questions reinforce the solid foundation I am sure you already have!
