School Teaches 'Ethical Hacking'

Yardboy writes "A Yahoo! News/Reuters story discusses students in Los Angeles paying $4,000 to attend 'Hacker College' and become 'Certified Ethical Hackers'. Apparently: 'Instructors race through topics like symmetric versus asymmetric key cryptography (symmetric is faster), war dialing (hackers will always call late at night) and well-known TCP ports and services (be wary of any activity on Port 0)', and the president of the college: says 'What we attempt to do in our classes is teach how the hackers think.' Hmmm, perhaps 'Certified Script Kiddie' would be a more accurate designation."

Gasp!

Better watch out, article submitter! Me and my friends are totally gonna DDOS you now!!!!

Oh man...

[RegalBegal]

First day. 2day kidZ, w3 LeRN 2 HaX0R t3H g00d w^y...w00t. OMG. RTFB.

Re:Oh man...

[theJerk242]

Pr0f3x0r, W|-|3n w177 w3 L3@rn 2 H@x0r teh Gibs0n?

Hackers will always call late at night

What they don't tell you until the PhD course is that it's always late at night somewhere.

Hmmm

[Neil+Blender]

Sounds like they are social engineering people out of $4,000.

With titles like those...

[mikael]

I wonder how long before they offer the qualification of "Certified Pointy Haired Boss"?

Re:With titles like those...

[peragrin]

Already due have a "Certified Pointy Haired Boss" It's called an MBA or EMBA..

These degrees are there to ensure only stupid people ge management roles.

First line of the story

[liquidsin]

Sporting long sideburns, a bushy goatee and black baseball cap, instructor Ralph Echemendia has a class...

He wears a black hat, and we're expected to believe that he's teaching ethical hacking? It's a cover! He's building an army! TERRORISTS!!!

I'm Waiting

[stinkyfingers]

Wake me up when they offer Ethical Racketeering, Ethical Pimping, and Ethical Congressional Campaigning.

My $5

[Doesn't_Comment_Code]

I'm offering 5 dollars to help a poor Microsoft programmer attend this school, where he will learn how hackers think in order to stop them. Maybe if we all contribute to the pool, we'll have easier lives.

But the real question is

[Scoria]

4r3 7h3y c3r71f13d 1n 1337sp34k? j00 c4n't b3 4 h4x0r w17h0u7 1337sp34k. ;-)

Re:But the real question is

[the_weasel]

It bothers me that I had no trouble reading that. None at all. And I am about as far from being l33t as you can imagine.

Re:But the real question is

[rpbailey1642]

Hey, guys, it looks like yet another person has fallen asleep on their keyboard while posting to Slashdot.

Re:But the real question is

[Carbonite]

Oh, that's what happened! I thought someone was posting a Perl script.

Re:But the real question is

[Weirdofreak]

'j00 \/\/4|<3 |)|_||21|\|9 |'=~/\/\ 71|\/|35 1|\| 73|-| 5|'3(7|2|_||\/| 0|= |)00|\/| 4|<4 |_||/

You wake during P-M times in the spectrum of doom AKA UV. Could be better, but I don't care. It executes fine, unless you happen to be using an English parser.

Re:But the real question is

[Reteo+Varala]

You scare me...

Wait... I didn't even hesitate when reading that...

*shudder* Mommy?

This is an outrage...

[Gyorg_Lavode]

This is an outrage to all of us who toiled for years to become script kiddies and received no formal documentation of our accomplishments.

Your CEH cert will give you the pride...

...of self knowledge and recognized accomplishment amongst your peers that only MCSEs have enjoyed up to now.

In other news. . .

[JohnFromCanada]

Recent graduates of the 'Hacker College' realize that their diploma is virtually worthless in the real world and come to realize that they were just socially enginered out of $4000 dollars.

A white hat

[slasher+guy]

Do they get a white hat with the certificate?

I signed up for this class

[The_Rippa]

And paid for it with credit card numbers I stole from various hotmail accounts.

Like "Hackers"?

[cdavies]

Woah. If the course is lectured by Angelina Jolie, I'll cough up my 4KUSD in about 3 seconds flat ;)

Cracking...

[umrgregg]

This is true 'ethical' hacking. And you don't even have to go to school to learn it. Well never mind, you have to go to school...

Re:Seems expensive

[Doesn't_Comment_Code]

Be careful with dynamic memory.

Watch for stack overflows.

Always restrict access as much as possible.

Use the strongest encryption available depending on the sensitivity of your data.

Turn off all services that you don't use.

Don't set your root password to root.

Assume every user has bad motives.

Plan for the worst.


Send $4000 and a self addressed, stamped envelope with your name as you would like it to appear on your certificate.

Ethics in Three Simple Lessons

[handy_vandal]

(1) Do as I say, not as I do.

(2) Do it to someone else, not to me.

(3) You learned this from someone else, not from me.

-kgj

In other news...

[192939495969798999]

75% of the graduating class is under house arrest for hacking back into the schools' cc merchant account servers and getting their $4000 back. The other 25% also stole back their money, but couldn't be traced, and are presumed at large.

A Social-Hacking Honeypot?

[00Sovereign]

Perhaps the real reason for this class is simply to collect a large mass of 1337 Do0d5 in once place for their eventual "disposal"

--Shhhh....don't tell anyone.

Not script kiddies

The course seems pretty expensive and probably not exactly ideal, but it's a bit more than just script-kiddiesm. Unless, of course, the tests look like this:

Q: You are the IT manager of an online business. The owner is pleased to announce that the business has enjoyed rapid growth, and has asked you to prepare an outline of system upgrades and estimated costs to deal with an estimated 8,000 daily visitors consuming approximately 320KB, with the number of visitors doubling every six months. What are your main concerns likely to be? (circle all that apply)
a) Cost of expanded bandwidth utilization
b) Maintenance issues associated with a medium-sized server farm, as well as software concerns regarding your web application and load balancing
c) Continued self-hosting via the corporate T1 line vs. co-location
d) wtf ???? ummm just run linux+apache d00d !!!!!

Q: You are a consultant, hired to evaluate the security and efficiency of a small business's server configuration. Your employer, inexperienced with both the technology itself as well as online business in general, has hinted to you that he's not certain how competent his system administrator Simon is. In evaluating the systems, you discover that Simon has misappropriated the server budget to upgrade his desktop system to play Unreal Tournament 2k4, and has left the actual servers themselves equipped with 386s and faulty hard disks. As you were confronting him about this in the server room, he excused himself from the room to fetch "documentation" while his young and pimply-faced apprentice tripped the halon fire extinguishers. What should your reaction be?

a) Immediately contact the police.
b) Inform the manager, and urge him to speak with the apprentice's parents about a possible intervention.
c) Return a favorable report after realizing that you have become tangled with things far larger than you, and never interfere with those servers again.
d) whats a halon fire

Q: A company has suffered a break-in. Not having a security professional on-hand, they have turned to you as a forensics consultant to help them assess the damage, identify the point of origin, and take appropriate response measures. What will your first action be?

a) Request a list of all servers on the network with their operating systems, as well as servers and version numbers.
b) Unplug the servers.
c) Inquire if there is any way an employee could have accessed the servers.
d) Ask your friends on EFNet if they did it.

j00 have a degree now.

[siliconjunkie]

7Hi5 c3r7iFi35 7H@7 U g07Z p@5$3D @Ll 7h3 rEqUiReD c0uR535 f0r H@ck3r c0lL3G3. U @R3 N0W 31337.

Re:Seems expensive

[Tongo]

Could you imagine having your snailmail box /.'d? It would be fun to get a PO Box and post it on here a few times....

Their training video....

[theJerk242]

I bet their training video will be the movie Hackers.

Cracker

[mfh]

> You know, it's only been within the last few years that I've heard any significant usage of the word "cracker" with regards to computer security.

It usually means dumbass white motherfucker where I'm from.

Re:Wash, rinse, repeat

[James+Turpin]

The reason they didn't teach the original "hackers" ethics in the first place is quite simple: If they had, some of these hackers would have realized how corrupt the system is - the system that the feds protect - and may have gone about undermining the system in some ingenious but ethical manner. And the last thing the feds want is _ethical_ civil disobedience. I mean, you can have a war on crime, or a war in terrorism, but a war on creative ethical civil disobedience!?!? No, they couldn't fight such a thing publicly without creating a public back lash, so better to stop its creation in the first place via poor education, misinformation, and stereotyping.

school name

[auroran]

hmmm i wonder what the school's called
maybe "0wnz U"?

that would create a paradox

[LuxFX]

'What we attempt to do in our classes is teach how the hackers think.' Hmmm, perhaps 'Certified Script Kiddie' would be a more accurate designation.

Except then it would be "What we attempt to do in our classes is teach how the script kiddies think." And putting the words "think" and "script kiddie" next to each other like that creates a paradox. Impossible to comprehend, much less teach.

Re:[cynical]

But you didn't learn the difference between weather and whether.

Re:[cynical]

Oh, and before you apply anywhere in the future, work on that spelling and grammar ;)

College can more useful...

Hello, Kettle? This is pot. You're black.

Re:Seems expensive

[nlindstrom]

Don't set your root password to root.

Excellent point. You should always use a secure combination, such as 1-2-3-4-5.