A Tale of Two Worlds
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations
UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations Title A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Permalink https://escholarship.org/uc/item/6w76f8x7 Author Swift, Kathy Publication Date 2017 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA Santa Barbara A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Education by Kathleen Anne Swift Committee in charge: Professor Richard Duran, Chair Professor Diana Arya Professor William Robinson September 2017 The dissertation of Kathleen Anne Swift is approved. ................................................................................................................................ Diana Arya ................................................................................................................................ William Robinson ................................................................................................................................ Richard Duran, Committee Chair June 2017 A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Copyright © 2017 by Kathleen Anne Swift iii ACKNOWLEDGEMENTS I would like to thank the members of my committee for their advice and patience as I worked on gathering and analyzing the copious amounts of research necessary to -
Ethics in Security Testing
Ethics in Security Testing Title Prepared by: Nick Dunn, Managing Security Consultant Table of contents Executive summary ................................................................... 3 Introduction ................................................................................4 Professional ethics .................................................................... 6 The hacker ethic ........................................................................ 9 Reconciling the ethical stances ............................................... 12 Conclusion ............................................................................... 16 References .............................................................................. 18 About NCC Group ................................................................... 20 2 NCC Group Whitepaper ©2018 Executive summary This paper discusses the similarities and differences between professional ethics in the information security industry and ethics in the hacker community. Sources of conflict between the two and shared values of the two are discussed in order to find some reconciliation and come to an understanding of how a shared set of ethics is possible. A reconciled set of ethics allows hackers to function within the corporate world without compromising their principles and allows the commercial world to benefit from some of the more progressive ideas within the hacker community. A reconciled set of ethics allows hackers to function within the corporate world without compromising their principles -
Scada & Plc Vulnerabilities in Correctional Facilities
SCADA & PLC VULNERABILITIES IN CORRECTIONAL FACILITIES White Paper Teague Newman Tiffany Rad, ELCnetworks, LLC John Strauchs, Strauchs, LLC 7/30/2011 © 2011 Newman, Rad, Strauchs PLC Vulnerabilities in Correctional Facilities Newman, Rad, Strauchs Abstract On Christmas Eve not long ago, a call was made from a prison warden: all of the cells on death row popped open. Not sure how or if it could happen again, the prison warden requested security experts to investigate. Many prisons and jails use SCADA systems with PLCs to open and close doors. As a result of Stuxnet academic research, we have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, we will analyze SCADA systems and PLC vulnerabilities in correctional and government secured facilities while making recommendations for improved security measures. 1 PLC Vulnerabilities in Correctional Facilities Newman, Rad, Strauchs Biographies John J. Strauchs, M.A., C.P.P., conducted the security engineering or consulting for more than 114 justice design (police, courts, and corrections) projects in his career, which included 14 federal prisons, 23 state prisons, and 27 city or county jails. He owned and operated a professional engineering firm, Systech Group, Inc., for 23 years and is President of Strauchs, LLC. He was an equity principal in charge of security engineering for Gage-Babcock & Associates and an operations officer with the U.S. Central Intelligence Agency (CIA). His company and work was an inspiration for the 1993 movie, “Sneakers” for which he was the Technical Advisor. -
Ethics of Hacktivism by Tennille W
Ethics of Hacktivism by Tennille W. Scott and O. Shawn Cupp Introduction Do hacktivists have ethics? Some would say yes and others suggest that no, they do not. Are there rules that those who engage in hacking follow or abide by during the conduct of their activities? Does the hacktivist maintain any semblance of actions described under the just war theory? If so, it would seem to be only in jus in bello1 or the just conduct in war, due to the perpetual nature of hacker activities and hacktivist operations. First, what is a hacktivist?2 They are defined as those who through the nonviolent use for political ends of “illegal or legally ambiguous digital tools” like website defacements, information theft, website parodies, denial-of-service attacks, virtual sit-ins, and virtual sabotage.3 This provides the basis for understanding more about where hacktivists’ motivations come from and what kinds of ideologies they may exhibit. Nevertheless, hacktivists must conform to some sort of norm. Based upon the nature of hacktivist activities, there must be a way to categorize or identify their overarching ethic. Understanding the motivation of this group is a huge undertaking because of the great variance and diversity of the people who make up the hacktivist collective. Unlike cyberterrorists, who typically belong to a hierarchical group structure and have a common cause, hacktivists are not bound in the same way, which makes them more dynamic and difficult to analyze. A prime example is the hacktivist group known as Anonymous and its spinoff group, Lulz Security (LulzSec), who eventually participated in different activities with different motives. -
Paper: Hacks and Attacks: Examples of Electronic Device Compromise
Hacks and Attacks: Examples of Electronic Device Compromise Embedded Systems Conference Silicon Valley 2010 (ESC-343) Joe Grand* Grand Idea Studio, Inc. ABSTRACT Bolstered by the flourishing hobbyist electronics and do-it-yourself movements, easy access to equipment, and nearly realtime information sharing courtesy of the Internet, hardware devices have become a target for both harmless, curious hackers and malicious attackers. Many devices are inherently trusted and taken for granted, though they are actually susceptible to compromise leading to potential financial, social, or legal implications. As engineers, we have a responsibility to learn from problems of the past and anticipate new ones in order to better equip ourselves for designs of the future. This paper will present a typical hardware hacking process and explore a few real- world attacks against electronic devices. WHY HARDWARE? Society thrives on an ever-increasing use of technology. Electronics are embedded into nearly everything we touch. Hardware products are relied on for security-related applications and are inherently trusted, though many are completely susceptible to compromise with simple classes of attacks that have been known for decades. Contrary to conventional thinking, engineering doesn’t only have to be about design and hacking doesn’t have to be illegal. You can combine the best of both worlds - the skills and precision of an engineer with the freewheeling, anti- authoritative mindset of a hacker - to discover, learn about, experiment with, modify, build, break, or improve a product. Whether the goals of a hardware hack or attack are for “good” or for “evil” depends purely on the person or people undertaking the task. -
D 4.4 Profiles of Cyber-Criminals and Cyber- Attackers
Funded by the European Commission Seventh Framework Programme CyberROAD Development of the Cybercrime and Cyber-terrorism Research Roadmap Grant Agreement N. 607642 D 4.4 Profiles of Cyber- Criminals and Cyber- Attackers Date of deliverable: 01/12/2015 Actual submission date: 01/12/2015 Start date of the Project: 1st June 2014. Duration: 24 months Coordinator: UNICA – University of Cagliari, PRA Lab - Pattern Recognition and Applications Lab Version: 1.0 Project funded by the European Commission Directorate-General Home Affairs in the Prevention of and Fight against Crime Programme Restriction Level PU Public PP Restricted to other programme participants (including the Commission services) no RE Restricted to a group specified by the consortium (including the Commission services) no CO Confidential, only for members of the consortium (including the Commission) no Profiles of Cyber-Criminals and Cyber-Attackers Funded by the European Commission under the Seventh Framework Programme Page 1 of 58 Revision history Version Object Date Author(s) 0.1 Initial draft Table of 01/07/2015 INDRA Contents. 0.2 Structure Changes. 01/08/2015 INDRA Multiple changes in the 0.3 03/08/2015 INDRA structure. Content added to section 1 and 2. Review of attributes for 0.4 07/08/2015 INDRA characterization. Attacks to Postal and 0.5 28/08/2015 INDRA Logistic Services. Attacks to Social 0.6 01/09/2015 INDRA Networks, Unmanned Systems, Mobile Biometry, ICS, Automotive, IoT, Transport Critical Infrastructure, Virtualization, Cloud Computing. Attacks to Smart Grids. 0.7 11/09/2015 INDRA Attacks to BYOD, Smart 0.8 07/10/2015 INDRA Cities. -
Hacking Competitions and Their Untapped Potential for Security Education
Education Editors: Matt Bishop, [email protected] Cynthia Irvine, [email protected] Hacking Competitions and Their Untapped Potential for Security Education nformation security educators can learn much from room environment. the hacker community. The word “hacker” is con- Network Warfare Perhaps the best-known com- troversial, and the idea of emulating this community petition in the hacker commu- nity is CTF, which challenges is problematic to some. However, we use the term in participants to attack and defend computing resources while solv- Iits purest form: individuals who creatively explore technology ing complex technical problems. Run by security experts includ- GREGORY and push it in new directions. Be- better prepared to deter attacks and ing DDTek, Kenshoto, and the CONTI, THOMAS cause of this imaginative, playful defend against them. They’ll also Ghetto Hackers, CTF has been BAbbITT, AND spirit, most hacker conferences be more able to perform ethical an important catalyst for research, JOHN NELSON sponsor diverse and intense com- hacking activities, such as penetra- innovation, and government, aca- US Military petitions, many organized by the tion testing, reverse engineering, demic, and industry collaboration. Academy attendees themselves and facilitat- and active network defense. CTF variants have emerged, such ed via the conference organizers. as the Collegiate Cyber Defense These competitions test partici- Types of Competitions Competition and the US National pants’ ingenuity and problem-solv- Hacker competitions touch on Security Agency-sponsored Cy- ing skills, are fun and innovative, many aspects of computer science, ber Defense Exercise.4 CTF has and draw large, enthusiastic groups information technology, electri- even spawned a business model in of participants and spectators. -
How Hackers Think: a Mixed Method Study of Mental Models and Cognitive Patterns of High-Tech Wizards
HOW HACKERS THINK: A MIXED METHOD STUDY OF MENTAL MODELS AND COGNITIVE PATTERNS OF HIGH-TECH WIZARDS by TIMOTHY C. SUMMERS Submitted in partial fulfillment of the requirements For the degree of Doctor of Philosophy Dissertation Committee: Kalle Lyytinen, Ph.D., Case Western Reserve University (chair) Mark Turner, Ph.D., Case Western Reserve University Mikko Siponen, Ph.D., University of Jyväskylä James Gaskin, Ph.D., Brigham Young University Weatherhead School of Management Designing Sustainable Systems CASE WESTERN RESERVE UNIVESITY May, 2015 CASE WESTERN RESERVE UNIVERSITY SCHOOL OF GRADUATE STUDIES We hereby approve the thesis/dissertation of Timothy C. Summers candidate for the Doctor of Philosophy degree*. (signed) Kalle Lyytinen (chair of the committee) Mark Turner Mikko Siponen James Gaskin (date) February 17, 2015 *We also certify that written approval has been obtained for any proprietary material contained therein. © Copyright by Timothy C. Summers, 2014 All Rights Reserved Dedication I am honored to dedicate this thesis to my parents, Dr. Gloria D. Frelix and Dr. Timothy Summers, who introduced me to excellence by example and practice. I am especially thankful to my mother for all of her relentless support. Thanks Mom. DISCLAIMER The views expressed in this dissertation are those of the author and do not reflect the official policy or position of the Department of Defense, the United States Government, or Booz Allen Hamilton. Table of Contents List of Tables .................................................................................................................... -
The Best of 2600: a Hacker Odyssey, Collector's Edition Emmanuel Goldstein
To purchase this product, please visit https://www.wiley.com/en-ae/9780470474693 The Best of 2600: A Hacker Odyssey, Collector's Edition Emmanuel Goldstein E-Book 978-0-470-47469-3 January 2009 £48.99 DESCRIPTION In response to popular demand, Emmanuel Goldstein (aka, Eric Corley) presents a spectacular collection of the hacker culture, known as 2600: The Hacker Quarterly, from a firsthand perspective. Offering a behind-the-scenes vantage point, this book provides devoted fans of 2600 a compilation of fascinating—and controversial—articles. Cult author and hacker Emmanuel Goldstein has collected some of the strongest, most interesting, and often provocative articles that chronicle milestone events and technology changes that have occurred over the last 24 years. He divulges author names who were formerly only known as “anonymous” but have agreed to have their identity revealed. The accompanying CD-ROM features the best episodes of Goldstein’s “Off the Hook” radio shows. Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file. ABOUT THE AUTHOR Emmanuel Goldstein first became enchanted with the computer during his high school days in the late '70s. His infatuation soon got him into trouble as he discovered he could access things he shouldn't. A few years and an FBI raid later, he cofounded 2600: The Hacker Quarterly as an outlet for stories and tutorials from hackers around the world. Since 1988, Goldstein has hosted Off the Hook, a hacker-themed radio talk show airing on WBAI FM in New York City. The seven HOPE (Hackers On Planet Earth) conferences he has organized since 1994 have drawn thousands of attendees from points around the globe. -
Anarchy and Source Code – What Does the Free Software Movement Have to Do with Anarchism?
Anarchy and Source Code – What does the Free Software Movement have to do with Anarchism? Christian Imhorst Preface In a restaurant in New York two men were sitting together having lunch and they considered the next steps of their little revolution. One of them, Eben Moglen, briefly thought about how they must have looked like to the people passing by. ‘Here we were, these two little bearded anarchists, plotting and planning the next steps. Anybody who overheard our conversation would have thought we were crazy, but I knew: I knew the revolution was right here at this table.’ And the man sitting next to him, Richard Stallman, was the person who was supposed to make it happen. (Cp. Williams 2002, 184) Not only Eben Moglen, Professor of Law and Legal History at Columbia Law School, considered himself to be an anarchist. Also Richard Stallman, one of the most exceptional persons of the Free Software Movement saw himself as an anarchist. We should not imagine the anarchists of the Free Software Movement to be like the cartoon image: A scruffy looking lunatic, with a crazy glint in his eyes and bristling with weapons. On the contrary: Instead of chaos, Stallman postulates a new form of order for the intellectual property This Paper is the translation of my article “Anarchie und Quellcode” for the German “Open Source Jahrbuch 2005” (Open Source Yearbook 2005). You can find it here: http://www. imhorst.com/en/anarchy and sourcecode.html. The article is more or less an abstract of my book “Die Anarchie der Hacker” (The Anarchy of Hackers). -
History & Impact of Hacking: Final Paper
History & Impact of Hacking: Final Paper From HistoryOfComputing Contents 1 Introduction by everyone 2 The Word "Hacker" by Carmelo Kintana 2.1 Survey of Common Definitions 2.2 Etymology 2.3 Evolution 2.4 Perceptions 2.4.1 Public Perceptions 2.4.2 Insider Perceptions 2.5 Timeline of the word “Hack” 3 Expert Programmer by Vikas Rajvanshy 3.1 Hacker as an expert programmer 3.2 Impact on society 3.3 Famous hackers 3.4 Where did all the hardware hackers go? 3.5 Why are the top hackers today affiliated with Open Source? 3.6 What is the role of hackers in corporations? 4 Black Hat by Sandra Lemon & Hansen Liou 4.1 History 4.2 Early Examples 4.3 Modern Examples & Motivations 4.4 Impact of Hacking on Businesses and Governments 5 White Hat by Michael Frederick 5.1 Motivations 5.1.1 Kevin Mitnick 5.1.2 H.D. Moore 5.2 History 5.2.1 Rising out of the black hat community 5.2.2 Reformation of former black hats 5.2.3 Hacker literature 5.3 Popular culture 5.4 Impact 5.4.1 Society 5.4.2 Security 6 Conclusion by everyone 7 References History & Impact of Hacking > Final Paper Introduction by everyone The hacker culture began in the 1960s and 1970s as an intellectual movement: exploring the unknown, documenting the arcane, and doing what others cannot. Many hacker subcultures developed independently and in parallel at various universities throughout the United States: Stanford, MIT, CalTech, Carnegie Mellon, UC Berkeley, and many others. The completion of the ARPANET linked these campuses and they were able to share their collective experiences, their knowledge, humor and skills. -