Frequently Asked Questions
Being as Hacker for Hire is a subsidiary of HTG, Limited, there are undoubtedly questions that will be asked from time to time. The goal of this page is to be a quick reference to those questions and to serve our customers better.
What is Hacker for Hire?
Hacker for Hire is the name of the security portion of HTG. Our services range from security and risk assessments to policies, procedures, disaster recovery, forensics, and code review. Our goals are to improve our customers security through industry proven methods and standards. This makes security an enabling power in the business, not a disabling sink-hole of money.
What don’t you do at Hacker for Hire?
Anything unethical. “What is unethical?” is a question many security practitioner receive over and over again. It’s a hard one to have a really good answer to. The best answer is probably “If you have to ask if it’s ethical, it’s not.” But then we have to deal with people that don’t have a conscious or people that don’t ask the question. In Hacker for Hire’s eyes, we will not engage in any business with you if the answer to any of the following questions is “No.”
- Do you have undeniable ownership of the systems and the ability to present that proof if required?
- Do you have the ability to sign a legally binding statement of work outlining the work to be performed and have the legal authority to authorize any and all actions related to the statement of work?
- Do you have a legitimate and ethical business reason for our services and are you interested in knowing in depth information about your company’s information security?
If you can’t answer “Yes, Yes, Yes.” we will not engage in any sort of business arrangement with you. There is a zero-tolerance policy to deal with anyone that attempts to solicit our services for unethical practices.
What do you mean by “zero-tolerance” policy?
In the event that you attempt to contact any member of our team to solicit ANY activity that is deemed unethical (see previous question) by Hacker for Hire, you will be reported to the United States FBI. Any information you have provided in your contact to us including but not limited to email conversations, email addresses, IP addresses, names, aliases, phone numbers, addresses, etc. will be provided to the FBI. If you do not believe that you will be reported, you should probably take a look through the archives and see that I have reported others before. I repeat you will be reported to the United States FBI, you will not get a second chance to redeem yourself.
Will you hack “my” Yahoo, MSN, Google, MySpace, Facebook, Random stupid MMORPG account?
No, I won’t. You don’t own the system, you don’t own the data on the system. Go back and read the EULA if you think that you do. Asking this type of question will again get you routed to my local FBI office.
About how much do you charge for [ Blank ]
Standard pricing is as follows:
- External Auditing: $75-$150 / hr
- Code Review: $75 / hr
- Software-based Data Recovery: $50 / hr
- Password Auditing / Recovery (owned / offline systems only): $50 / hr / 10 passwords
- Software Development: $75-$150 / hr
- Anything else: TBD based on additional information
All prices are pending a signed statement of work. Hacker for hire reserves the right to refuse service to anyone based on any known or unknown factors.
Wyatt says:
Toni, an issue such as this needs to be taken up with the owners of the system, Yahoo!. If you contact Yahoo! and provide them with information such as the date and time of the occurrences, they should send the report to their security department. While it is somewhat like yelling at a brick wall since you’ll probably never see a response to the information you send them, most security groups do take actions to stop offenses such as this from occurring again.
2 April 2007, 1:24 pmAngie says:
I need to retreive some lost messages? Can you help?
25 September 2007, 4:26 pmWyatt says:
I might be able to. Send me an email with the details and we’ll go from there.
26 September 2007, 12:27 pmOwen says:
question: i have an iphone and i want a voice recording application, apparantly there has been one made, not by iphone (since they don’t have one) but the directions are confusing, something about jailbreaking your phone and then using unix, and the shh installer shell, i don’t understamnd any of it, is this something somebdoy can help me with or is this “illegal”?
2 October 2007, 5:46 pmWyatt says:
It’s definitely not illegal to do anything to your iphone because you purchased it; however, you loose some rights to support.
It is something that I can help you with; however, there are some risks associated with it.
1. You could turn your iphone into a brick
2. Turning your iphone into a brick in the above fashion is a direct violation of your iphone’s warranty and will violate any support agreement you might have purchased on your iphone.
The only reason I know #2 is that I was at the Apple store today and they had a nice sign by the genius bar that explained Apple’s policy.
If you aren’t bothered by #1 and #2, give me an email and I’ll help you out.
2 October 2007, 11:50 pmJohn says:
I am a, what you might call a hobiest. I like to program for fun and relaxation. Recently I created a small script in PHP and I would like someone to see how hard it is to break the code. Maybe take a bit of encrypted data and see if they can figure out what it says.
5 December 2007, 11:08 pmPepe says:
I need to edit the date of an email. I have figured out all but one thing – the message ID. I open the msg in notepad and can find that date string. Upon edit and save, the msg no longer will open in Outlook. Interested in hiring/paying for consulting services to provide me with an editor or way to make final edit and save in valid Outlook format, or offer some other alternative to achieving same goal. Time is of the essence.
29 January 2008, 6:44 pmWyatt says:
Sure, I’ll take a look at it.
Send me a copy of the email you are trying to work with (in outlook format) and what your end goal you are try reach. The cost will be somewhere between $100-150/hr depending on what you need done with it.
29 January 2008, 9:56 pmJohn Uhler says:
Hello Wyatt,
I would like to hire someone to help with our website development. Nothing illegal, but a real challenge. Thanks!
21 February 2008, 4:14 pmSeng says:
I own a website that had been copied by other sites, they refuse to delete our contents from their site. Is it an ethical way to try to take down their site, or delete their database, or should I just let it go?
20 April 2008, 6:40 pmWyatt says:
The only ethical way to take them down is via legal action.
If you feel they are violating your copyrights/etc, you have the right to pursue legal action however you see fit; however, the simplest way is to politely ask that they take down the material and let them know that they are violating copyrights/etc.
21 April 2008, 9:59 pmSeng says:
As bitter as it might be, I guess I have to agree, the only ethical way is via legal action, unfortunatelly, in my case, I dont think it’s possible, I did ask them politely, and they refuse, with reason that the content I have is free for public use. I think I might have to bite my own tongue, since I cant do anything about it. C’est la vie. Thanks for the response.
26 April 2008, 1:50 amBrian R says:
my sony PS3 was stolen from my house, and whoever has it now is usind my playstation account. i have proof of purchase, and i have the police report regarding the theft. can i retrieve a physical address through the account? any suggestions?
11 February 2009, 10:19 amWyatt says:
@Brian R
11 February 2009, 7:38 pmYes, there is a way. First thing you need to do is contact Sony with your Playstation Account information. You’ll likely have to provide billing information and other various other information related to the police report. You’ll need to ask them to provide you with the IP address of the time of the last login to their network. Using the IP address, there are a number of services you can use to find the Internet Service Provider (ISP) and have the police contact them. Trying to get the information on what address and ISP user account information will require a warrant, and that’s why you need to have the police contact them for you or with you. Persistence is the key.
Nancy says:
My laptop had been stolen yesterday. After that, I got theft IP address & the exact time that he established the connection. I ran to the police (again), but I don’t think they can help me at all, or if they can, it would be too late.
I knew that I need to have the Log file in order to point out that info associated with that user account, but it seems really difficult to deal with those ISP. I tried to contact them all day, but I got nothing.
I knew the location of that IP, using those tool available on internet, but still can figure out theft’s home/Apt.
So, is there anyway you can help me find out the actual address (Home/Apt#)of the theft by using IP address, and all information I have?
25 February 2009, 9:38 pmWyatt says:
If you have the information, you need to take it to the police and have them issue a warrant for the ISPs records. ISPs will traditionally not deal with end users due to privacy concerns (and rightly so). So again, take your information to the police, tell them to get a warrant for the records, have them file the report and go get the bad guy.
26 February 2009, 10:16 pmNancy says:
Wyatt
Thanks for your advice!
26 February 2009, 10:53 pmBB says:
Hi Wyatt,
I just came across the site recently and I had a quick question for you. I’m trying to recover the password for a compressed .rar (winrar) file and I’m not having any luck. I just can’t get it to open again. I have no idea what the password was for the life of me. It’s just a couple of WAV files (music) but they’re important.
Using traditional password recovery methods is just exhaustingly time consuming and if there is a better way, perhaps someone with your experience with these types of (relatively low-level) encryptions or utilizing better equipment, then I figure it makes more sense to have someone assist me. Is this something you’re familiar with? Would you be able to help me? What should I do?
Thanks for your time
26 March 2009, 7:54 amWyatt says:
@Nancy P
The legality of “locating” the password could be debated similar to the legality of locating a lost key. If you find a lost key, or you know the combination to a lock; knowing that information isn’t necessarily illegal. However, using that information with out the direct consent of the owner IS illegal.
Example, if you see your neighbors key sitting on the porch and then use it to enter their house without their consent, it’s still considered “breaking and entering” even though you had a key. Hope that clears it up for you.
3 December 2009, 1:15 am