When you think about the black market, I’m sure the majority of you will think of prohibition days.  When alcohol was made illegal, it did two things: It made the bad guys more money, and it put the average joe in a dangerous position while trying to acquire it.  Bring in the 21^stcentury. Sure, there still is a black market… but come on, who is afraid of mobsters anymore? Today, we have a gaming black market. It has been around for years, but will it survive? With more and more games moving towards auction houses, could game companies “tame” the gaming black market?

In the old days of gaming on the internet, we spent most of our online time playing hearts, spades… whatever we could do while connected to the internet. As the years went by, better and better games came about. Then, suddenly, interactive multiplayer games came into the picture. These interactive games, mainly MMORPGS, allowed for characters to pick up and keep randomly generated objects known as “loot”. This evolution of gaming created the black market.

In the eyes of the software companies, the game is only being leased/rented by the end user. You don’t actually have any rights to the game. This is where the market becomes black.  The software companies don’t want you making money of “virtual” goods that are housed on the software or servers of the game you are playing on.  The software companies, at this point, started to get smarter.

Where there is a demand…

Being treated like a twelve year old at work by a Tasmanian-devil-manager and not sure what to do about it? It is simply a well-known fact that no one likes to be micro managed. Not only do they not like to be micro managed, but tend to quit for this very reason. Unfortunately the percentage of people leaving their jobs for this reason is higher that you would imagine. Recently, an employee retention report conducted by TINYpulse, an employee engagement firm, surveyed 400 full-time U.S. employees concluded that, "supervisors can make or break employee retention."

As companies mature, their ability to manage can be significant to their bottom line as employee morale, high staff turnover and the cost of training new employees can easily reduce productivity and consequently client satisfaction.  In many cases, there is a thin line between effective managing and micro managing practices. Most managers avoid micro managing their employees. However, a decent percentage of them have yet to find effective ways to get the most of their co-workers.  They trap themselves by disempowering people's ability to do their work when they hover over them and create an unpleasant working environment. This behavior may come in the form of incessant emailing, everything having to be done a certain way (their way), desk hovering, and a need to control every part of an enterprise, no matter how small.

Superimpose the micro manager into the popular practice of Agile-SCRUM methodology and you can imagine the creative ways they can monitor everything in a team, situation, or place. Although, not always a bad thing, excessive control, can lead to burnout of managers and teams alike.  As predicted, agile project management has become increasingly popular in the last couple of decades in project planning, particularly in software development.  Agile methodology when put into practice, especially in IT, can mean releasing faster functional software than with the traditional development methods. When done right, it enables users to get some of the business benefits of the new software faster as well as enabling the software team to get rapid feedback on the software's scope and direction.

Despite its advantages, most organizations have not been able to go “all agile” at once. Rather, some experiment with their own interpretation of agile when transitioning.  A purist approach for instance, can lead to an unnecessarily high agile project failure, especially for those that rely on tight controls, rigid structures and cost-benefit analysis.  As an example, a premature and rather rapid replacement of traditional development without fully understating the implications of the changeover process or job roles within the project results in failure for many organizations.  

With stiff penalties for being caught and the whiff of secretive underground or even nefarious acts, computer hacking can be seen as a somewhat dubious pursuit. Not all hackers operate with the motive of emptying your Paypal account, however; there are many hackers who utilize their skills to aid companies in locating security flaws ("penetration testing") or engage in hacking with the goal of becoming cyber-freedom-fighters that champion simple human freedoms, such as the right to free speech.

Computer hacking is as much an art as it is a skill. At its simplest distillation, hacking is the systematic search for chinks in programming armor. While advanced problem-solving, intuition and sophisticated understanding of programming languages are a distinct advantage, there does exist a number of push-button programs that computing wizards have written allowing those less sophisticated in the art of hacking to break into remote computers in a variety of ways. Because of this new ubiquity, today's hackers no longer need to be a programming Wunderkind; they simply need to know where to download software and be able to turn on a computer. It really is that simple and the implications can be disturbing.

Phishing, Push-Button Programs and Brute Force Tactics

There's no need to crack a company's firewall if you have direct physical access to their computers. One aspect of hacking is the impersonation of an employee or service worker with the goal of gaining access to a company's database, where the hacker can then unleash whatever havoc he or she has planned into the system. Another is to engage in simple phishing techniques, such as impersonating an employee who forgot their password and needs help logging into the system.

Because such impersonations often fail thanks to companies becoming more security-conscious, taking over operations of a computer remotely is often the preferred method of gaining access. Such attempts can be facilitated in a variety of ways. One is the brute-force method, in which a program such as SQLmap, Nmap or Burpsuite is used; running one of these programs is analogous to trying every doorknob in a neighborhood to see which house is unlocked. Using a variety of different parameters, these programs can find access to a vulnerable computer or network in less than a minute.

Hackers can also attempt to gain access with a program like Metasploit. With literally a few clicks of a mouse, access to a remote and vulnerable computer can be achieved by a relative newbie. With a related hacking aid, called Meterpreter, a backdoor is created that allows access into an operating system. It does not install itself onto the remote computer, running instead using the computer's memory; in fact, Meterpreter can hide itself inside the operations of a perfectly valid program, so it cannot be detected even by sophisticated programmers. Once engaged, it allows a remote user carte blanche access to the system in question.

Where to Learn the Art of Hacking

Of course, for those who wish to learn the actual skills rather than download someone else's hack, there are a number of practice sites that pose an increasingly difficult set of challenges intended to train neophytes in the art of hacking. For example, Hack This Site starts beginners with the goal of cracking simple flaws in coding scripts or software such as HTML, Unix, Javascript and Apache. Their structured series of tests increase in complexity, incorporating real-word scenarios and even old-fashioned "phone phreaking" challenges that recall the bygone golden age of hacking skills displayed by Matthew Broderick in "WarGames."

Using just these simple tools and free practice sites, beginners have a powerful array of hacking resources just a simple mouse click away.

Millions of people experienced the frustration and failures of the Obamacare website when it first launched. Because the code for the back end is not open source, the exact technicalities of the initial failings are tricky to determine. Many curious programmers and web designers have had time to examine the open source coding on the front end, however, leading to reasonable conclusions about the nature of the overall difficulties.

Lack of End to End Collaboration
The website was developed with multiple contractors for the front-end and back-end functions. The site also needed to be integrated with insurance companies, IRS servers, Homeland Security servers, and the Department of Veterans Affairs, all of whom had their own legacy systems. The large number of parties involved and the complex nature of the various components naturally complicated the testing and integration of each portion of the project.

The errors displayed, and occasionally the lack thereof, indicated an absence of coordination between the parties developing the separate components. A failed sign up attempt, for instance, often resulted in a page that displayed the header but had no content or failure message. A look at end user requests revealed that the database was unavailable. Clearly, the coding for the front end did not include errors for failures on the back end.

Bloat and the Abundance of Minor Issues
Obviously, numerous bugs were also an issue. The system required users to create passwords that included numbers, for example, but failed to disclose that on the form and in subsequent failure messages, leaving users baffled. In another issue, one of the pages intended to ask users to please wait or call instead, but the message and the phone information were accidentally commented out in the code.

While the front-end design has been cleared of blame for the most serious failures, bloat in the code did contribute to the early difficulties users experienced. The site design was heavy with Javascript and CSS files, and it was peppered with small coding errors that became particularly troublesome when users faced bottlenecks in traffic. Frequent typos throughout the code proved to be an additional embarrassment and were another indication of a troubled development process.

NoSQL Database
The NoSQL database is intended to allow for scalability and flexibility in the architecture of projects that will use it. This made NoSQL a logical choice for the health insurance exchange website. The newness of the technology, however, means personnel with expertise can be elusive. Database-related missteps were more likely the result of a lack of experienced administrators than with the technology itself. The choice of the NoSQL database was thus another complication in the development, but did not itself cause the failures.

Another factor of consequence is that the website was built with both agile and waterfall methodology elements. With agile methods for the front end and the waterfall methodology for the back end, streamlining was naturally going to suffer further difficulties. The disparate contractors, varied methods of software development, and an unrealistically short project time line all contributed to the coding failures of the website.