The poker related ones seem to venture well into the unethical or illegal category. That doesn't take away from the difficulty or cleverness of the hacks, but unlike the candy theft story, there is no acknowledgment that some of those things might have been unethical or illegal.
Edit: I now see the conclusion that notes the potential for illegality, but I feel like the body comes off as way too proud about aiding a scam of a business (the affiliate "arbitrage")
Most people in college at the time were signing up for poker sites without any affiliate reference, so they would get nothing. At least with Aces Up they got something back.
My poker bot was against the T&C of the site, so I could see the ethical issue there. The bot barely won any money at the $5 SNGs (maybe $100), and factoring in the massive amounts I lost playing my expert strategy at $2/$4 limit, it was net negative.
The affiliate arbitrage thing was definitely unethical, though as I noted, I did not participate directly. It was also against their T&C and my friend eventually drifted into some even more shady areas of affiliate dealings (100% rakeback via a similar system, etc) that lead to him being banned on most sites.
I don't know that any of those three are illegal at all. Regardless, I suppose I may have a predisposition for finding an angle and considering ethics as an after thought.
Edit: In response to your edit, I suppose you could look at it as a scam of a business. In truth, most people had a love/hate relationship with PartyPoker since they took high rakes, didn't permit rakeback programs, and were ruthless about shutting down accounts and seizing the money with the claim that "we're not a bank". Being in the bot community and watching lots of people lose thousands of dollars because PP deemed their account suspicious was enough to make me lose any empathy for PartyPoker.
In a regulated online poker scene in the US, botting would likely be illegal, just like using a computer to aid your play in a live casino is.
While I understand the value of rakeback and low rakes and poker sites not treating their customers poorly, I don't think it is relevant to whether creating a bunch of fake accounts to receive affiliate commission is okay.
Anyhow, seems like it's all in the past, so all of this shouldn't matter much.
Many of us have a predisposition for finding an angle. Finding an angle is, I agree, part of the joy of hacking. But you can never let ethics become a mere afterthought. You certainly can't justify unethical behavior by simply asserting you're predisposed to unethical behavior.
Al in all, clever
I guess a few of you could also find out that if someone left a window open you could get in their house and take a free TV, that would also show you the joy of "beating a system"...
Fundamentally, I see no difference between being a 17 year old in a basement figuring out that if you send excessive amounts of data into an unchecked buffer, you can gain control over program flow, and being a 13 year-old kid figuring out that by rocking a machine back and forth, you can cause the front items to rub up against the edge of the rack, effectively sawing the plastic off. What is the difference really? Both are fine if you don't use it in the real world and illegal if you do.
And I don't think it's the same as crawling into an open window. Rather, it's more like lock picking, particularly after they started installing these rock-resistant cages and we had to get creative by using two-man teams (one rocking forward, one rocking back). I believe DefCon has a lock picking session every year.
What I used to do when I see it is spend a minute looking at it, buy a packet of chip in such a way that all two, three or four packs fall down, then hand out the "free" ones to people watching. :)
Now that vending machine technology has improved, I do not see many of these "opportunities" anymore, but sometimes you see the odd one where the door is jammed and there are several packets of chips behind it. I get out my metal ruler and fix up the door, then pick the packets of chips up.
I was getting chips that aren't "mine", but at the time I really hoped I was doing a public service when I was fiddling with those vending machines... (there's a little show-off element to it. ok, more than a little. :) )
I sold fake IDs at college. The real IDs were plastic cards and had multi-spectrum holograms, something you can't easily fake. Combining methods I found on the internet with my own discoveries I created simulated holograms using clear spray paint, lamination pouches, Pearlex pigment powder, Alps thermal printer, and a bad ass laminator. They were good enough to pass most bouncers in-state and was told that one passed a cop.
Our college IDs could be used at campus stores, vending machines, etc. The mag stripe just had your school ID encoded on it. If you had a mag stripe encoder (like me) and knew someone's ID you could encode it onto your own ID (or a fake one you printed yourself, like I did). The problem was finding school ID numbers.
To communicate with students there was a set of folders outside the main office of each department. Each student had their own folder, sorted in alphabetical order. This was also where you got your grades at the end of the quarter. I realized that your grades had your full student ID number listed (which was also your SSN!). All I had to do was go through the folders and find grades other students hadn't picked up yet to get their ID numbers.
Luckily the school stopped printing full numbers on student correspondence not long after that.
here's my biggest vending machine hack: freshman year in college, there was a vending machine in our dorm building. it wasn't cheap (obviously), but it got lots of use because it had something extra: a card reader for our IDs. if we pre-loaded our card with money, we could use it to buy sodas, snacks, and washer/dryer cycles. very convenient.
but the vending machine had a quirk: occasionally, for reasons unknown, it would just start spitting out coins. it was a pretty rare occurance (and a very exciting one) that it became known colloquially as "hitting the jackpot". every time we went to the machine, we would cross our fingers, hoping to "win".
while it seemed like a random occurance at first, i knew it couldn't be completely random, and i wanted to figure out _why_ it was happening. so i began investigating. whenever i went to the machine, i would try different combinations of buttons, choosing different rows/columns, but i couldn't recreate the behavior. accompanying my friends to the machine, i paid attention to how they were inputting their order (and if they subsequently "won") to try and figure it out.
after lots of observation, i found a pattern: everyone who ever won used their card to buy something. focusing on the card reader, i also found that these people had accidentally put their card in _incorrectly _ before righting it. with a theory loosely in place, i put some money on my card and gave it a whirl.
and it worked! here's the behavior: if you put your card in incorrectly, the machine couldn't read it because the stripe was on the wrong side, so it spit the card back out and flashed an error on the screen which would clear after a few seconds. while the error was showing, the machine would not accept your card. however, if you put your card in _immediately_ after the error cleared, here's what happened:
1. screen displays the amount of money on your card
2. choose your drink
3. drink is vended while the same amount of money is displayed (i.e. not subtracting the price of the drink.
4. the machine begins spitting out coins in the amount of your card value minus the price of the drink
5. the card is returned with the _original balance_ still intact
so, if i had $20 on my card, and i bought a powerade that costs $1.50, i would walk away from the machine with a powerade, $20 still on my card, and $18.50 in change.
horribly immoral and illegal? absolutely. however, i still feel immensely proud that i not only figured out what was happening, but how to reproduce it.
edit: I also wanted to mention that Curvio sounds like a great idea, do you have any competitors? It's one of those ideas where I'm surprised it hasn't already been done, which I feel is usually a good sign.
Lars Bak is a much more interesting example of someone who started late (http://www.ft.com/cms/s/2/03775904-177c-11de-8c9d-0000779fd2...)
There are a few competitors, but generally they're celeb fashion/gossip blogs. We're the only site that I'm aware of which is focused on actually being more like a search engine. It's been tried a few times throughout the last 15 years, and even Liz Lemon mentions it at the end of a 30 Rock episode. The problem is that costume designers are very busy and in general Hollywood does not want to work with you, so you need to do all the legwork yourself.
Additionally, it's only in recent years that crowdsourcing has become a viable solution, both in terms of paid (e.g., Mechanical Turk) and organic (e.g., StackOverflow) platforms. We rely heavily on crowdsourcing to help us generate some of our data and it's so far worked out really well in private testing. The key is really about getting an efficient, organized workflow that you can repeat and scale out. It wasn't easy to find, but I think we have it down now and are looking forward to launching in November! :D
Keep at it!
Basically I'm saying party it up, learn a bit about everything and everyone, back pack across a continent or two, and don't be in such a rush to jump in the rat race. When you're in your late 20s, dropping everything and rolling out will most likely be near impossible. You will be more rooted like an older tree. Right now just see and feel the world you have come into and just play with it.
My 2 cents.
P.S. to me a Michael Jackson or Mark Zuckerberg are not a great life, because they were/are unidimensional. They are what they are and not much outside of it. In technology, a rounded and balanced figure I can think of Steve Jobs. He got the fuck out, then got back in. In is always there, you can always get back in, but you can't always get out.
If those are good things to do, why are they not good when you're not in your 20s? If they're not good things to do, why would they be good in your 20s?
They sound kind of like stupid, boring wastes of time to me. But if they genuinely make you happy, why would they stop genuinely making you happy because your hair fell out and you got fat?
> When you're in your late 20s, dropping everything and rolling out will most likely be near impossible.
When I was 29 I quit my job, and then digitized the Oxford English Dictionary, published my first peer-reviewed paper, moved into a Volkswagen bus, drove all over the country with my wife (having to learn to rebuild the van's engine in the process), and moved to Argentina.
You can live a cliché, but you don't have to.
> P.S. to me a Michael Jackson or Mark Zuckerberg are not a great life, because they were/are unidimensional. They are what they are and not much outside of it.
Given that statement, I'd bet money you don't know Zuck personally.
Now I know, O Manual Deep Freeze Hacker. Solid work.
First it was succeptible to killing the process, easy enough. Once that was blocked, we figured out that some clever use of some default applications in windows would cause it to crash and give us freedom. After those vulnerabilties were fixed or blocked, and we had tried pretty much anything else we could think of, someone figured out that hitting ctrl + alt while we logged in would prevent it from even loading in the first place!
Unfortunately it was pretty easy for our teacher to catch us in the silly act of banging on our keyboards at login.