Thursday, June 3, 2010

Recover or Hack Google Accoun Passwords Stored In Google Talk, Picasa, Desktop Search, Gmail Notifier, Internet Explorer And Chrome With GooglePasswordDecryptor

GooglePasswordDecryptor allows to to recover stored Google account passwords by various applications. Most of the Google’s desktop applications such as GTalk, Picasa etc store the account passwords in their private encrypted store to prevent it from entering the password every time. GooglePasswordDecryptor goes through each of these application’s encrypted stores and decrypts this Google account password.
This program does not require to close these programs in order to reveal the passwords stored. Also it can show passwords from multiple accounts if you have used more than one Google account. You can also export the recovered password list to text or HTML file.
Note: It is a freeware standalone application and it does not require any installation, one can copy the binary to any location on the system and run it directly.

Wednesday, May 12, 2010

10 Ways to Improve Blog Traffic in 30 Minutes or Less

1. Create link clusters within your blog

A link cluster is a group of links that you can point at a post or page to improve its search engine ranking. Let’s say you have a post that’s ranked for ’stupid business ideas’. Edit 10 of your other posts to create links (using ’stupid business ideas’ as the anchor text) to the ’stupid business ideas’ post and you will surely move up in Google for that keyword. This process can be implemented in about 10 minutes and can be used for any keyword your site ranks for or is trying to rank for.

2. Rework HTML title tags of trafficked posts

By watching your stats, you can often identify posts that get search traffic from a keyword, even though the keyword isn’t listed in the HTML title of the post. By editing your posts’ HTML titles to add the keywords they cover, you can strengthen the rankings and therefore the traffic that the post generates. You can easily make a difference with this method in less than 20 minutes. This method combines very well with #1.

3. Invite your readers to connect with you on StumbleUpon and Facebook

You can never ever have too many friends on SU and Facebook. Inviting existing readers to find you on these services with a post should take less than 20 minutes.

4. Save your best posts for the best times of the week

Writing a home-run post on a Saturday afternoon will probably happen from time to time. However, does your blog have good traffic on Saturdays? Analyzing your blog’s stats to determine when it naturally has the most traffic can get more eyes on a great post, which will translate to more social votes and more links. If you have created the post of your life, wait for a good day to publish – it will cost you about 1 minute on a later date to put it up.

5. Edit your post one more time

How can you improve your title? How can you improve your first paragraph? Small details in your post, especially in the beginning of your post, can make an enormous difference in its ability to draw social traffic and links. You can definitely improve your title, first paragraph, formatting, and grammar within 30 minutes.

6. Stop writing about yourself. Start solving problems

Surfers become readers when a blog provides something that is wanted. A casual visitor may read your blog because they find training, answers to problems, entertainment, or something else they want. This more than likely will mean that they won’t want to read about you, your girlfriend, your cats, your kids, or your catastrophes (unless you have a personal blog that your friends read). Discontinuing the off-topic posts will help you to develop more repeat traffic and takes exactly 0 minutes to implement.

7. Subscribe to the feeds of your industry’s major players

That way, you won’t miss important news releases. When news breaks in your industry, there will be a lot of extra traffic searching for information on the event. Adding your thoughts will almost always generate extra traffic. Subscribing to the feeds of your industry’s top sites should take no more than 15 minutes.

8. Give a great post to a prominent blog

Let’s say that you took the time to write something great. Donating your post to a great blogger can help you to create a win-win. The great blogger gets a great piece of content that will bring him social traffic and links and you can create exposure for your name and brand. Emailing your post to a great blogger or blog takes less than 10 minutes.

9. Go to the store

Look at magazines. Pay special attention to the types of titles that are used on the covers. Write down the most interesting titles and think about what makes them interesting. In order to generate buzz around a post, a great title is an absolute necessity. More on this topic here: The Cosmo Headline Technique for Blogging Inspiration. You should be able to find some good title ideas in about 30 minutes.

10. Answer your email and comment questions

Nothing will show a reader that you care more than answering an question (even if you have already answered that question 100 times on your site). Why do people read your blog? Because you solve their problems. Why will they come back again and again to your blog? Because you solve their problems. Answering a person’s email or comment question should take less than 5 minutes.

Password Profile V.3 releases,,,,

CUPP v3People spend a lot of time preparing for effective dictionary attack. Common User Passwords Profiler (CUPP) is made to simplify this attack method that is often used as last resort in penetration testing and forensic crime investigations. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.
Going through different combinations and algorithms, CUPP can predict specific target passwords by exploiting human vulnerabilities. In password creation, as in many aspects of life, everybody tends to the original solution, but thanks to human nature, we all tend to originality in the same way, leading to almost absolute predictability.
Common User Passwords Profiler version 3 comes with some fixes and new options!

John the Ripper password cracker

John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.
Proceed to John the Ripper Pro homepage for your OS:

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus many more with contributed patches.
Download one of the latest free versions (and donate to the project): 

Facebook board member’s account gets hacked

It looks like the Facebook account of Jim Breyer, whose firm Accel Partners was an early investor in the social network and who sits on the company’s board, was hacked over the weekend.
Breyer’s account sent out a message to some of his Facebook friends asking them to RSVP for an event related to getting a “Facebook Phone Number.” This message was apparently a result of a phishing attack — a hacking attack where a user, in this case Breyer, unwittingly gives up his password through a hacker-controlled website deceptively engineered to resemble the real thing.
Facebook says the security issue has been resolved, but the fact that this happened still seems newsworthy for a couple reasons.
First, it shows that it’s possible for even a sophisticated Facebook user like Breyer to become the victim of an attack.
Second, PEHub’s Connie Loizos, who broke the story, argued that Breyer may have been specifically targeted in response to new Facebook features that many users see as a violation of their privacy. Such attacks against an individual are known as “spearphishing.”
In an email to VentureBeat, Loizos elaborated on her reasoning, saying that she can’t be sure, but it “strikes me as more than coincidental” that at the same time as Facebook seems to be escalating its competition with Google, Breyer’s account is hacked to send out a message on yet another service that would compete with Google (in this case with Google Voice).
Lastly, regardless of whether Breyer was intentionally targeted or not, he’s a prominent figure in the tech industry with connections to other high-profile figures. Hopefully the Silicon Valley executives and investors who are Breyer’s Facebook friends all realized that his invite seemed suspicious and didn’t fall for it.
Here is Facebook’s full statement on the news:
We take security very seriously and have devoted significant resources to helping our users protect their accounts. We’ve developed complex automated systems that detect and flag Facebook accounts that are likely to be compromised (based on anomalous activity like lots of messages sent in a short period of time, or messages with links that are known to be bad). Because Facebook is a closed system, we have a tremendous advantage over email. That is, once we detect a phony message, we can delete that message in all inboxes across the site. We also block malicious links from being shared and work with third parties to get phishing and malware sites added to browser blacklists or taken down completely. Users whose accounts have been compromised are put through a remediation process where they must take steps to re-secure their account and learn security best practices. This is what happened with Mr. Breyer’s account.
To combat these threats, however, we need users’ help too. People can protect themselves by never clicking on strange links, even if they’ve been sent by friends, and by being wary of sites that require them to download or upgrade software. We encourage users to become fans of the Facebook Security Page ( for updates on new threats and other helpful information. Here are some additional tips from that Page:
  • Use an up-to-date browser that features an anti-phishing blacklist.
  • Choose unique logins and passwords for each of the websites you use.
  • Check to see that you’re logging in from a legitimate Facebook page with the domain.
  • Be cautious of any message, post, or link you find on Facebook that looks suspicious or requires an additional login.

Sunday, May 9, 2010

Wireless Hacking Explained

 A typical hacker attack is not a simple, one-step procedure. It is rare that a hacker can get online or dial up on a remote computer and use only one method to gain full access. It is more likely that the attacker will need several techniques used in combination to bypass the many layers of protection standing between them and root administrative access. Therefore, as a security consultant or network administrator, you should be well versed in these occult techniques in order to thwart them. This chapter, which will be a review for advanced users, will introduce the main types of hacker attacks. Expert users will want to skip ahead to the next chapter (Chapter 7, "Wireless Attacks") and go straight for the goodies.

The following techniques are not specific to wireless networks. Each of these attacks can take multiple forms, and many can be targeted against both wired and wireless networks. When viewed holistically, your wireless network is just another potential hole for a hacker. Therefore, this chapter will review hacking techniques from a generic perspective.

Diverse Hacker Attack Methods

The stereotyped image conjured up by most people when they hear the term "hacker" is that of a pallid, atrophied recluse cloistered in a dank bedroom, whose spotted complexion is revealed only by the unearthly glare of a Linux box used for port scanning with Perl. This mirage might be set off by other imagined features, such as dusty stacks of Dungeons and Dragons lore from the 1980s, empty Jolt Cola cans, and Japanese techno music streaming from the Net.

However, although computer skill is central to a hacker's profession, there are many additional facets that he must master. In fact, if all you can do is point and click, you are a script kiddie, not a hacker. A real hacker must also rely on physical and interpersonal skills such as social engineering and other "wet work" that involves human interaction. However, because most people have a false stereotype of hackers, they fail to realize that the person they are chatting with or talking to on the phone might in fact be a hacker in disguise. In fact, this common misunderstanding is one of the hackers' greatest assets.

Social Engineering

Social engineering is not unique to hacking. In fact, many people use this type of trickery every day, both criminally and professionally. Whether it be haggling for a lower price on a lawn mower at a garage sale, or convincing your spouse you really need that new toy or outfit, you are manipulating the "target." Although your motives might be benign, you are guilty of socially engineering the other party.

The Virtual Probe

One example of social engineering that information technology managers face on a weekly basis is solicitation from vendors. An inimical form of sales takes the form of thinly disguised telemarketing. Straying far from ethical standards of sales technique, such vendors will attempt to trick you into giving them information so they can put your company's name on a mailing list.
Here is one such attempt that we get regularly:
"Hi, this is the copier repair company. We need to get the model of your copier for our service records. Can you get that for us?"

Now, this sounds innocent enough, and there are probably many that fall for this tactic. However, they are simply trying to trick you into providing sensitive information-information that they really have no business knowing.

Like the scam artist, a hacker often uses similar techniques. A popular method that hackers use is pretending to be a survey company. A hacker can call and ask all kinds of questions about the network operating systems, intrusion detection systems (IDSs), firewalls, and more in the guise of a researcher. If the hacker was really malicious, she could even offer a cash reward for the time it took for the network administrator to answer the questions. Unfortunately, most people fall for the bait and reveal sensitive network information.

Lost Password

One of the most common goals of a hacker is to obtain a valid user account and password. In fact, sometimes this is the only way a hacker can bypass security measures. If a company uses firewalls, intrusion detection systems, and more, a hacker will need to borrow a real account until he can obtain root access and set up a new account for himself. However, how can a hacker get this information? One of the easiest ways is to trick someone into giving it to them.

For example, many organizations use a virtual private network (VPN) that enables remote employees to connect to the network from home and essentially become a part of the local network. This is a very popular method of enabling people to work from home, but is also a potential weak spot in any security perimeter. As VPNs are set up and maintained by the IT department, hackers will often impersonate an actual employee and ask one of the IT staff for the password by pretending to have lost the settings. If the IT employee believes the person, he willingly and often gladly hands over the keys. Voila! The hacker now can connect from anywhere on the Internet and use an authorized account to work his way deeper into the network. Imagine if you were the lowly IT staff person on call and the CEO rang you up at 10:30 p.m. irate about a lost password. Would you want to deny her access, risking the loss of your job? Probably not, which makes this type of fear a hacker's best friend.

Chatty Technicians

If you are a home user and think you have nothing to fear from this type of impersonation, think again-you are actually targeted more often by scammers and hackers alike. This is because many Internet newcomers (newbies) will believe anything someone appearing to be their ISP's tech support personnel tells them. For example, hackers will often send out mass messages to people, or sit in chat rooms and wait for a newbie to come along. They will then set up a fake account or use simple tricks to make it appear as if an AOL employee is chatting with them. What the newbies do not realize is that they are actually talking with a hacker in disguise. So, they willingly hand over everything from credit cards to user names and passwords. See Figure 1 for an example of how a fake request might appear.

Figure 1

As you can see, to a beginner it appears that an AOL Administrator is on the other side of this conversation. However, if you look closely, you will see a blank like after Hckr-name:. To make it appear as though an AOL System Administrator is talking, we added a line of space characters to the beginning of the text to drop the AOL System Administrator: to the next line. Although the original name does appear, it would not be difficult for a hacker to set up an account using a date or company name to disguise the fact the account was simply another username.

Social Spying

Social spying is the process of "using observation to acquire information." Although social engineering can provide a hacker with crucial information, small businesses are better protected against social engineering because many people in very small companies know each other. For example, if one of the IT staff received a call from a hacker pretending to be a distressed CEO, he would probably recognize the voice as not belonging to the real CEO. In this case, social spying becomes more important.

To illustrate one of the nontechnical ways social spying can be used, consider how many people handle ATM cards. For example, do you hide your PIN when you take money out at the ATM? Take note of how people protect their PIN the next time you are in line at the ATM. You will probably note most people do not care. Most will whip out their card and punch the numbers without a care for who could be watching. If the wrong person memorized the PIN, he would have all the information needed to access the funds in the account, provided he could first get his hands on the ATM card. Thus, a purse-snatcher would not only get the money just withdrawn from an ATM, but could easily go back and withdraw the entire day's limit.

Similarly, hackers socially spy on users as they enter passwords. A "flower delivery" at 8:00 a.m. in the morning would give a hacker the necessary excuse to casually stroll through an office building. Although she appears to be looking for the recipient of the flowers, she could be watching for people entering passwords or other sensitive information.

In addition to snooping on people as they actively type their user information, most offices have at least several people who are guilty of posting their password on or near their computer monitor. This type of blatant disregard for security is every network administrator's worst nightmare. Regardless of repeated memos, personal visits, and warnings, some people seem to always find an excuse to post their network password right in plain view. Even if some people are at least security-conscious enough to hide their Post-it notes in a discreet place, it still only takes a few seconds to lift up a keyboard or pull open a desk drawer.

If you do not believe this, take a quick walk around and see just how many potential security violations are in your office area. You might be very surprised to see just what type of information is there for the taking!

Garbage Collecting

Have you ever thrown away a credit card statement without shredding it? If so, you are a potential target. Although you might consider your trash to be sacred territory that no one enters because it is dirty, your trash, and the trash of your company, is often a gold mine. Fishing through garbage to find passwords, also known as dumpster diving, can provide a hacker with the crucial information needed to take over your network.

Let's consider a scenario. If you are a network administrator and you receive an anonymous tip that people are posting passwords all around the office, what would you do? Most administrators would immediately investigate and send out a memo to everyone in the company stating that this activity is not allowed, and that violations will be dealt with harshly. Although this might get everyone to temporarily take down their Post-it passwords, the problem has only been exacerbated, for all those passwords are now headed right to the anonymous caller who is waiting at the dumpster.

In addition to passwords, hackers can find memos, sensitive reports, diskettes, old hard drives, and more in the trash. Imagine the value an old cash register hard drive could have to a hacker looking for a way to gain access to a company's credit card database. In many cases, a hard drive can simply be installed on another computer and searched using inexpensive (or free) forensics tools.


A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as an email or Web page.

A sniffer is one of the most important information gathering tools in a hacker's arsenal. The sniffer gives the hacker a complete picture (network topology, IP addresses) of the data sent and received by the computer or network it is monitoring. This data includes, but is not limited to, all email messages, passwords, user names, and documents. With this information, a hacker can form a complete picture of the data traveling on a network, as well as capture important tidbits of data that can help her gain complete control over a network.

How Does a Sniffer Work?

For a computer to have the capability to sniff a network, it must have a network card running in a special mode. This is called promiscuous mode, which means it can receive all the traffic sent across the network. A network card will normally only accept information that has been sent to its specific network address. This network address is properly known as the Media Access Control (MAC) address. You can find your own MAC address by going to the Windows Taskbar and clicking Start?Run and typing winipcfg (for Windows 95/98/ME) or ipconfig /all (for Windows NT/2000/.NET Server). The MAC address is also called the physical address.

The only exception to this is what is called monitor mode. This type of network card status only applies to wireless network interface cards (NICs). Because of the unique properties of a wireless network, any data traveling through the airwaves is open to any device that is configured to listen. Although a card in promiscuous mode will work in wireless environments, there is no need for it to actually be part of the network. Instead, a WNIC can simply enter a listening status in which it is restricted from sending data out to the network. As you will learn later, a network card in promiscuous mode can be detected because of how it interacts with the network. Monitor mode stops all interaction.

There are different layers involved in network communications. Normally, the Network layer is responsible for searching the packets of information for their destination address. This destination address is the MAC address of a computer. There is a unique MAC address for every network card in the world. Although you can change the address, the MAC address ensures that the data is delivered to the right computer. If a computer's address does not match the address in the packet, the data is normally ignored.

The reason a network card has this option to run in promiscuous mode is for troubleshooting purposes. Normally, a computer does not want or need information to be sent to other computers on the network. However, in the event that something goes wrong with the network wiring or hardware, it is important for a network technician to look inside the data traveling on the network to see what is causing the problem. For example, one common indication of a bad network card is when computers start to have a difficult time transferring data. This could be the result of information overload on the network wires. The flood of data would jam the network and stop any productive communication. After a technician plugs in a computer with the capability to examine the network, he would quickly pinpoint the origin of the corrupt data, and thus the location of the broken network card. He could then simply replace the bad card and everything would be back to normal.

Another way to visualize a sniffer is to consider two different personality types at a cocktail party. One type is the person who listens and replies to conversations in which he is actively involved. This is how a network card is supposed to work on your local machine. It is supposed to listen and reply to information sent directly to it.

On the other hand, there are those people at the party who stand quietly and listen to everyone's conversation. This person could be compared to a network card running in promiscuous mode. Furthermore, if this eavesdropper listened for a specific subject only, she could be compared to a sniffer that captures all data related to passwords only.

How Hackers Use Sniffers

Figure 2 shows a sniffer in action. As previously mentioned, sniffers like this are used every day to troubleshoot faulty equipment and monitor network traffic. Hackers can use this or similar tools to peer inside a network. However, they are not out to troubleshoot. Instead, they are out to glean passwords and other gems.

Figure 2

Depending on the program a hacker is using, he will get something that looks like Figure 2. As you can see from the figure, some data is easily readable, while some data is not. The difference is in the type of data that is sent. Computers can send information either in plain text or in an encrypted form. The sample capture shows just how easy it is to read captured plaintext data.

Plaintext communication is any information that is sent just as it appears to the human eye. For most applications, this is the standard means of data transfer. For example, the Internet uses plaintext for most of its communications. This is the fastest way to send data. Chat programs, email, Web pages and a multitude of other programs send their information in plaintext. This is acceptable for most situations; however, it becomes a problem when transmitting sensitive information, such as a bank account number or a password.

For example, take our sniffer screenshot in Figure 2. If you look closely at the plaintext section, you can see just how dangerous a sniffer can be to sensitive information. In the plaintext, you can see the following: Our company will be merging with another company. This will make our stock $$. Don't tell anyone. If this were a real merger, a hacker could make millions overnight.

In addition, email clients and FTP clients do not normally encrypt their passwords; this makes them two of the most commonly sniffed programs on a network. Other commonly used programs such as Telnet, Web browsers, and news programs also send their passwords as plaintext. So, if a hacker successfully installs a sniffer on your network, he would soon have a list of passwords and user names that he could exploit.

Even some encrypted passwords used in a Windows NT network can be sniffed. Thanks to the rather well-known encryption scheme of an NT password, it does not take long to capture and decrypt more than enough NT passwords to break a network wide open. In fact, there are even sniffing programs that have an NT password cracker built right into them. The programs are designed to be very user friendly so that network administrators can test their networks for weak passwords. Unfortunately, these programs often end up in the hands of script kiddies who can just as easily use them to cause problems.

Although sniffers most commonly show up within closed business networks, they can also be used throughout the Internet. As mentioned previously, the FBI has a program that will capture all the information both coming from and going to computers online. This tool, previously known as Carnivore, simply has to be plugged in and turned on. Although it is purported to filter out any information that is not the target's, this tool actually captures everything traveling through whatever wire to which it is connected and then filters it according to the rules set up in the program. Thus, Carnivore can potentially capture all of those passwords, email messages, and chat sessions passing through its connection.

In addition to wired networks, sniffers can also be used in wireless networks. In effect, a wireless network on a corporate LAN is like putting an Ethernet jack in your parking lot. What makes this unique from a hacker's perspective is that sniffing a wireless network is probably not illegal, although it has yet to be tested in court. In many ways, it is no different than a police scanner used by reporters and hobbyists worldwide. If the information is sent in plaintext to the public domain, how can it be wrong to simply listen?

How to Detect a Sniffer

There are a few ways a network technician can detect a NIC running in promiscuous mode. One way is to physically check all the local computers for any sniffer devices or programs. There are also software detection programs that can scan networks for devices that are running sniffer programs (for example, AntiSniff). These scanner programs use different aspects of the Domain Name Service and TCP/IP components of a network system to detect any malicious programs or devices that are capturing packets (running in promiscuous mode). However, for the average home user, there is really no way to detect whether a computer out on the Internet is sniffing your information. This is why encryption is strongly recommended.

How Can I Block Sniffers?

There is really only one way to protect your information from being sniffed: Use encryption! Using Secure Sockets Layer (SSL)-protected Web sites and other protection tools, you can encrypt your passwords, email messages and chat sessions. There are many programs available for free that are easy to use. Although you do not always need to protect the information passed during a chat session with your friends, you should at least have the option available when needed.

Because of the very nature of a WLAN, encryption is a must in any situation. Fortunately, wireless networks come with the option of encryption built right into their software. However, few take advantage of this capability, as few are even aware that this option exists. 

Browse The Web Using Calculator

Now access the internet via your standard Microsoft Calculator using this trick.
You can do this for fun or when your browser is messed up for some unexplainable reason.


1. Open your MS Calculator. This is normally found in Start => AllPrograms => Accessories => Calculator.

2. Open the help-window by pressing the F1 key.

3. Click the top-left corner icon of the help window once (Standard is a Document with a Questionmark).

4. Select 'Jump to URL'.

5. Type your address into the avaliable field, but remember to type http://, and not just www. (or equivalent)

Top 10 Web Hacking Techniques

Remove duplicate files the easy way

I have always wanted this kind of software. I have thousands of mp3 songs packed in various partitions of my hard disk. I have collected these songs from several places and keep them storing, but the problem while augmenting my collection is that I am never sure whether I have copied the set of songs before or not, so I just copy them irrespective of the fact that they may be already present. The consequence is that my limited 40GB hard disk space is almost full leaving me with no more space to store anything else.

That is why I always wanted a software that could compare the contents of two folders and remove the duplicate elements.File Comparator is a program which compares any files by their contents. This utility allow you to quickly compare contents of any files in specified folders, and allow to show files which contain same data.

Thursday, May 6, 2010

how hackers get caught??

One of the first things that someone would learn about hacking tutorials when studying to be a hacker is how to cover their tracks. Of course, some are better than others. A young hacker is less likely to know all the little things that an expert hacker might know. Besides, the young hacker may be trying to impress others - and get a little careless about covering his tracks. This is why younger hackers are often caught.

An older hacker, on the other hand, will rarely leave any tracks. They know how to use their victim's computers as a tool for a launching place to get into another computer - leaving a phony IP address.

The truth is, and it is a good thing, that computer programmers are getting better software, and hardware (firewalls) that are constantly doing a better job - both in keeping hackers out, and in recording IP addresses better for tracking purposes. 

There will always be hackers, and there will always be hackers in prison. The legislation is definitely turning against the hacker - with some hacking crimes becoming equal to terrorism, these days. Kevin Mitnick, a well-known hacker, had the Federal prosecutors accuse him of having caused $291 million in damages to corporate computers. A serious crime, and he remains in jail because of it - unable to touch anymore computers.
Even by learning some of the wrong type of hacking basics through hacking tutorials, a young person could start down a wrong path. Hacking computers, though often glorified on TV, is still criminal.