Hacking Competitions and Their Untapped Potential for Security Education


Education
Editors: Matt Bishop, Cynthia Irvine

Gregory Conti, Thomas Babbitt, and John Nelson
US Military Academy

Copublished by the IEEE Computer and Reliability Societies, 1540-7993/11/$26.00 © 2011 IEEE, May/June 2011

Information security educators can learn much from the hacker community. The word “hacker” is controversial, and the idea of emulating this community is problematic to some. However, we use the term in its purest form: individuals who creatively explore technology and push it in new directions. Because of this imaginative, playful spirit, most hacker conferences sponsor diverse and intense competitions, many organized by the attendees themselves and facilitated via the conference organizers. These competitions test participants’ ingenuity and problem-solving skills, are fun and innovative, and draw large, enthusiastic groups of participants and spectators.

Academia and the computer security industry have widely adopted hacker competitions, such as DEF CON’s Capture the Flag (CTF), to augment information security education. Many other hacker competitions, however, are less known. Here we examine these untapped competitions’ potential and identify those that can energize and enhance information security education in both the classroom and the industry.

Over the past decade, educators have increasingly realized the value of the hacker mindset for teaching information security [1–3]. By learning the hacker perspective and considering the unanticipated use of technology, students will be better prepared to deter attacks and defend against them. They’ll also be more able to perform ethical hacking activities, such as penetration testing, reverse engineering, and active network defense.

Types of Competitions

Hacker competitions touch on many aspects of computer science, information technology, electrical engineering, and information security education. They’re powerful ways to teach, inspire, build teams, recruit students, and facilitate advanced skill building. Competitions can also build the reputation of participating individuals and institutions.

We researched the competitions of major hacker conferences, including DEF CON, CanSecWest, ToorCon, ShmooCon, HOPE (Hackers on Planet Earth), and the Chaos Communication Congress. Addressing all the competitions these conferences host is beyond this article’s scope. We instead highlight a spectrum of competition techniques that have distinct pedagogical merit and are readily translatable to the classroom environment.

Network Warfare

Perhaps the best-known competition in the hacker community is CTF, which challenges participants to attack and defend computing resources while solving complex technical problems. Run by security experts including DDTek, Kenshoto, and the Ghetto Hackers, CTF has been an important catalyst for research, innovation, and government, academic, and industry collaboration. CTF variants have emerged, such as the Collegiate Cyber Defense Competition and the US National Security Agency-sponsored Cyber Defense Exercise [4]. CTF has even spawned a business model in which White Wolf Security and other firms host similar exercises for third parties. Innovation in CTF events occurs continually. For example, PacketWars competitions operate like a spectator sport. (For URLs for PacketWars and other competitions mentioned in this article, see the sidebar.)

Every rigorous information security education program, whether technically or policy focused, should include appropriately scoped CTF competitions to avoid a significant knowledge gap in its graduates.

Wireless

Wireless-networking technologies are on the rise, and wireless vulnerabilities and open access points are increasingly common. Hacker competitions highlight these concerns. For example, war-driving competitions, during which participants map open access points, quantitatively illustrate the prevalence of insecure system configurations and raise public awareness. Competitions have spurred new antenna designs and illustrated that consumer-grade wireless-network transmissions are vulnerable at extreme distances. To explore the implications of RFID tracking and social networking, the HOPE conference issued electronic badges to volunteers, captured location and demographic data, and facilitated attendee-developed projects for display. Facilitators then submitted this dataset to Dartmouth’s Crawdad wireless research dataset repository, illustrating potential second- and third-order research benefits from hacker competitions.

Educators can use wireless-hacking events to emphasize many learning objectives, such as ethics, privacy rights, antenna design, networking protocols, and the importance of usable security.

Cryptanalysis

Code-breaking competitions attract significant interest while providing a deeper learning of cryptography. The US Cyber Command created a buzz around its organization by embedding a code into its logo [5]. The US Central Intelligence Agency’s Kryptos sculpture draws intense attention from amateur and professional code breakers, and even numerous pop culture references [6].

Hacker conferences use cryptographic competitions to great effect. ShmooCon and ToorCon badges have included subtle codes, puzzles, and clues. Other conferences have disseminated code-breaking contest sheets to attendees and awarded prizes at their closing ceremonies.

Importantly, some competitions require winners to share their techniques for the benefit of all. DEF CON’s Crack Me if You Can hash-cracking competition challenges participants to illustrate weaknesses in the username/password paradigm by working backward from hashes to passwords.

Cryptographic competitions complement code-breaking assignments. Educators can also employ them more broadly outside the classroom to facilitate recruiting, enhance Information Security Day activities, inspire self-learning, and exercise problem-solving skills.

Hardware Hacking

Many security compromises occur when adversaries attack hardware devices in unconventional ways. Hardware-hacking competitions challenge hackers to build novel devices and modify existing hardware to behave in similarly unanticipated ways. An excellent example is DEF CON’s Badge Hacking Contest. Attendees receive a modifiable electronic badge. DEF CON provides software tools for altering the badge’s firmware and facilities with tools and parts for modifying and testing the hardware. Attendees have converted their badges into such devices as a barcode emulator, breathalyzer, and social-network analyzer. Robotics challenges at hacker and other conferences are also popular.

At West Point, we’ve found that hands-on hardware-hacking activities, often drawn from Make magazine and Joe Grand’s ideas [7], are highly rewarding for students at all skill levels.

Secure Coding and Malicious Software

Attacks have recently increased against end-user application software, including Web browsers, word processors, and document viewers. One long-term solution is to teach secure coding practices that eliminate many vulnerabilities early during software development, instead of dealing with them through postdiscovery patches.

Although the ACM’s International Collegiate Programming Contest and the International Olympiad in Informatics facilitate development of programming and algorithm skills, they don’t focus on securing the resultant programs from attack. Conversely, some hacker competitions focus on the implications of secure software development and antivirus [...]

[...] the law and victimizing anyone. Properly constructed social-engineering competitions are accessible to a wide range of students. Using forethought and creativity, educators could use human-centric competitions to great educational benefit. One example could be a phishing email writing contest during which students [...]

[...] public. For example, the band Dual Core has reached broad audiences with its high-energy security-and-privacy-oriented music. Even Snoop Dogg is helping to fight cybercrime by working with Symantec’s Norton on the Hack is Wack cybercrime rap contest [10]. Hacker conferences frequently sponsor design competitions, placing the win- [...]

Related URLs

• Badge Hacking Contest, www.defcon.org/html/defcon-18/dc-18-contest-results.html#dc18badgehack
• Collegiate Cyber Defense Competition, www.nationalccdc.org
• Crack Me if You Can, http://contest.korelogic.com
• Crawdad, http://crawdad.org
• Cyber Crime Center Digital Forensics Challenge, www.dc3.mil/challenge/2011
• Dual Core, http://dualcoremusic.com/nerdcore
• Hack Fortress, www.shmoocon.org/hack_fortress
• HOPE (Hackers on Planet Earth) conference badges, http://amd.hope.net
• IEEE Conference on Visual Analytics Science and Technology (VAST) Challenge, http://hcil.cs.umd.edu/localphp/hcil/vast11
• International Collegiate Programming Contest, http://cm.baylor.edu/welcome.icpc
• International Olympiad in Informatics, http://ioinformatics.org/index.shtml
• Open Backdoor Hiding & Finding Contest, https://backdoorhiding.appspot.com
• PacketWars, http://packetwars.com
• PWN2OWN, http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
• Social Engineering Capture the Flag, www.social-engineer.org/defcon-social-engineering-contest
• ToorCon Tamper Evident Contest, http://sandiego.toorcon.org/index.php?option=com_content&task=section&id=11&Itemid=27