by Kalpesh Sharma
Passion or Madness: Now days, it has become a passion to learn about hacking and information security. Sometimes I do not understand that whether it is a passion or a kind of madness. This passion has resulted due to several news articles, media stories and the excitement showing hacking related thrills in films. But, on the other hand there is a fact also that very few peoples know anything in-depth about the topic of hacking and information security. So, I would suggest that without adequate knowledge please do not get mad behind passion. Sometimes this passion may become dangerous from the legal point of view. There is nothing wrong to gain expertise, but there is need to realize a fact about incorrect issues behind hacking. I will come to this topic in depth, later in the same chapter.
Be Alert and Aware: Do you think that hacking is an expert level work? Do you think that information security and hacking are one and same things? If yes! Then you are absolutely wrong. Many children in the age group of 14-16 years are having sufficient knowledge to hack any website or collect important data facts from the internet. So, internet being the big source of information it's a child game to perform hacking related activities. Many hackers whose aim is to just earn money from you, they give seminars and workshops along with misguide you that, "learn hacking in an ethical way for a brilliant career". But, I am not going to explain in this way, to any of you. Instead, I would like to explain the fact in a positive way with a positive attitude. A teacher's task is to show right path to students and not misguide them for gaining their personal benefits. So I would suggest that instead of going for the knowledge of hacking, gain the knowledge by learning something, which is said to be an expert level job. And this expert level job is known as information security expertise in technical terms. Hope you might have understood the difference between hacking (not expert level job) and information security (expert level job) from this topic. So, be alert from such misguidance.
Other then passion, one more side of coin also exists. Many institutes and independent peoples call themselves hacker and/or information security experts. But the reality behind their expertise and skills gets displayed in front of non-technical peoples and the victims who undergo for training, courses, certifications, seminars and workshop with such types of self-claimed hackers or institutes, when such victims and non-technical peoples realize that they are not satisfied for which they have spent time and money. The actual reality behind fooling is that the peoples who undergo for such seminars, workshops, courses, etc. most probably undergo through a psychology that, "the person or institute from which we will receive knowledge during the training sessions is an expert or is providing quality education as he was published by media agencies or that it's a branded name in market for related subject talent or that he is an author of any book". I believe in practical, official and those tasks or actions for which evidence lies in front of my eyes. Thus, I am trying to explain to everyone that always be alert and aware, so that your hardly earned income does not get spend in such unnecessary waste of time.
I will give you my own example here! I have several articles about me in various newspapers and media agencies, but this doesn't mean that I am showing you the right path or that I am an expert. For example may be possible that I am a hacker, but this does not prove that I am an expert. So, expert level job is a totally different matter. The explanation about difference between hacking and expertise will come in next chapters So, first check out the level of my knowledge, how much practically I am able to prove my expertise, whether I am official & legal while undergoing for such tasks and finally the evidence part that whatever actions I undertake are proved right in front of eyes, instead of just talking theoretically. Always confirm yourself first, that you are learning with right person or institute or just wasting your time and money. May be possible that peoples might be receiving fees from you and in turn give you the knowledge of something(any other subject or topic about information technology field), which is not even single percent part of hacking or information security related topics. This happens most probably with non-technical peoples or fresher in information technology field.
False Publicity: Secondly, confirm that you are at least gaining the knowledge up to a level for which you have paid a particular amount. Don't just go behind false publicities before you confirm yourself and your inner feelings say that you are moving on right path. As concerns to book publishers, media agencies and films, I would like to confirm that none of them might be having full and fledge technical knowledge about information security field as concerns to my knowledge. It's similar to following examples on me:
A person comes and tells me that you are an expert please suggest me some medicines which can eradicate my serious disease of cancer. I am a technical professional and not a biological professional who is going to solve this problem. A person comes and tells me that suggest a good lawyer who can defend my case in court. Now tell me how do I give suggestion as to which lawyer can prove this person innocent in court of law. Thus, I can't do anything or have any knowledge about any field which is not my subject or area of work. Similarly, even media peoples, book publishers and film makers does not have adequate or complete knowledge and they believe the statement to be true which is explained to them by many misguiding self-claimed hackers and/or reputed institutes. So, these peoples are also not responsible for some of these kinds of activities published by them on any medium.
Language Troubling: There is one more part of cheating called use of useless and complicated language in order to misguide students and especially technically sound professionals. This is a very intelligent part of stunt used by many self claimed security peoples to misguide others. Usually when any self claimed hacker or institute doesn't know anything about complicated or expert level topic, and in such situation they want to include expert level topics in their study material without having any expert level knowledge; such peoples use very complicated words of English and prepare the contents in such a manner that it becomes very difficult to understand even for the persons who are fluent in English. A very complicated coding and useless technical terms are used in their study material, so that the victims cannot understand or claim against such self claimed hackers and so called specialized institutes, in a legal way. When any victim (user of such material) goes through such study materials and courses as well as certifications, they become helpless to understand such complicated and misguiding language, filled up of useless and non-understandable technical terms. Now, when they don't understand anything the common psychology of such victims understands that, "it's a part of expert level work and that's why they are unable to understand the matter or that he won't be able to complete this job successfully as he is not talented" and so on. In this way, the victims think themselves responsible for not understanding the expert level work. But they do not know that they have never been taught anything, which can be called an expert level education or job. This is what I am trying to explain you that it is not your fault, instead it is a stunt used by such self claimed hackers and institutes who tries to sell their services and materials by misguiding others with the help of language troubling. So here also there is a need to be aware and alert of any services or material offered by any self claimed hacker and specialized institutions. They just have an intention of earning a huge amount from you and do not have any feelings for the information security field, students or the nation in any way. This is the reason they use difficult word, complicated terms and technical coding in order misguide others so that no one knows about their level of their knowledge.
Finally: Thus, finally the topics should be very clear that
Don't get mad behind passion and be serious about legal activities. Be alert that you are receiving right knowledge for which you have paid. Be aware of what you are undergoing for is the right one for which you have paid and that too join after checking out. Be practical, official and believe only that which happens only in front of your eyes. You should have the guts to demand for evidence. Check the simplification of language used in the study material whether you can go through it and understand it or not, before purchasing any services or materials from self claimed hackers or so called expert level institutes which claims to be specialized in information security area. Try to understand the difference between a truth and a false, correct and incorrect, etc. by going in depth about every fact related to services, products or materials you are offered by any self claimed hacker or so called specialized institutes. Even if this is in my case, first check out with my study material, then get into the depth of my work background and then only purchase any services, products or material offered by me or on behalf of me. Don't get misguided behind media hype or false publicity of any person or institute without checking through it.
Kalpesh M. Sharma 6, Shri Ram Park Society, On Chandola Canal, Near Jawahar Chowk, Maninagar, Ahmedabad-380 008 (Gujarat) Tel. (Res.) +91-79-25351208 Email: shrishanidev@yahoo.co.in Security Site - www.kalpeshsharma.page.tl