Slashdot Mirror
India Enlists Teen "Hackers" as Cyber Cops
Popocatepetl writes "Apparently, you can get a job if you tell Indian government officials you can "hack" a government web site. This story is short on details, but may be interesting nonetheless, especially since the FBI is mentioned."
"They are brilliant. They told me that within five minutes they can hack the (Indian) defense ministry Web site...," he said.
Hummmm let's think about this one. How brilliant can someone be who would easily and openly admit to such a thing?
----------
do { Work(); PayTaxes(); Eat(); Sleep(); } while (alive)
----------
while (alive) { Work(); PayTaxes(); Eat(); Sleep(); }
Bool
"We want to use them positively so that they can create adequate firewalls so that nobody can hack our country's Web sites," he added.
/."
Okay somebody answer me this: using hackers to catch/thwart hackers sounds good, but is it really feasible? What's to say that little Wali, age 14, who built your firewall, won't share those techniques with, oh, say some kid in Minnesota who happens to post regularly to places like Slashdot, and so now your custom defense can be cracked by k1dd13s? Do they sign a NDA or something?
"I'm not a bitch, I just play one on
The House Between - Original Sci-Fi Series
I sincerely doubt a government is dumb enough to hire a hacker to put up a firewall which he would be extremely interested in taking down.
Given a reasonably level playing field, who would win a fight between a bear and a shark?
I love the smell of Karma in the morning
Cracking and defacing web sites may be exciting and a thrill to youngsters, but how many of them are really to have the patience to do a serious security audit? That is (should be) lot of paper work, and boring checklists.
In Murphy We Turst
"They are brilliant. They told me that within five minutes they can hack the (Indian) defense ministry Web site...," he said.
Crack a server in five minutes. This doesn't sound like brilliance. It sounds like some script kiddies attacking servers deployed with default security settings.
Seriously folks, outside of Hollywood movies, cracking takes a lot of time and effort, except when it's packaged up and distributed to the script kiddies. Learning to use the scripts does take a minimal amount of intelligence, but the main investment is time to hang in the right usenet forum or chat room to search the scripts out. Grokking of networking dynamics or basic algorithms are not required to use the scripts. Once the script parameters have been memorized, using it is trivial; however, the change anything that breaks the script and the kiddies are SOL.
For instance, I have a nephew who considers himself 3733t due to his ability to crack copy protection on CD games using scripts he's found on the net. The dunderhead can't even count in binary and is totally baffled when presented with hex. I ask you, where is the brilliance? He doesn't create or understand anything. He just blindly copies what someone else has told him to do.
Even people that understand aspects of networking and the vulnerabilities of various OS' are not necessarily smart. Knowledge does not equal intelligence, though there is a strong correlation. I'm not saying these kids are dumb. I'm saying that 'brilliant' should be reserved for someone who can analyze a system and design an effective attack. The sort of analysis that take hours, days or weeks. The term does not apply to someone who can run a script, which is what the kids are relying on if they can be so cavalier in their claims.
Noting that, the Indian authorities still appear to be smarter than their American counterparts. Even if these kids are dumb as bricks, they have knowledge that is beneficial for law enforcement. Recruiting their help is very wise.
Aah, change is good. -- Rafiki
Yeah, but it ain't easy. -- Simba