School Teaches 'Ethical Hacking'
Yardboy writes "A Yahoo! News/Reuters story discusses students in Los Angeles paying $4,000 to attend 'Hacker College' and become 'Certified Ethical Hackers'. Apparently: 'Instructors race through topics like symmetric versus asymmetric key cryptography (symmetric is faster), war dialing (hackers will always call late at night) and well-known TCP ports and services (be wary of any activity on Port 0)', and the president of the college: says 'What we attempt to do in our classes is teach how the hackers think.' Hmmm, perhaps 'Certified Script Kiddie' would be a more accurate designation."
The name of the certificate is new, but the concepts are not novel.
We went through an entire class about computer ethics. We had to to get a Computer Science degree. And since it was an actual Computer Science degree, we learned all about security and machine language and what have you... basically everyting you would learn in this course.
This program seams like a stripped down version of computer science for people who are only interested in security related work.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
Out of the 5 people I personally know that have taken classes like this, 4 of them have continued on to go after their GIAC/CISSP certifications. If a class like this gets people started, I'm all for it. I just worry about the people that think something like this is all they need.
Anyone who is smart enough to hack, is smart enough (save for those with mental problems) to realize the difference between right and wrong.
Anyone who wants to take an ethics class obviously has some ethics (what you think someone lacking morales will be taking an ethics class to hope improving himself)???
What they should offer is a class that teaches non-techies what is a hacker - so they learn that not all hackers are evil people bent on ruling the world (not there is anything inherently wrong with this..I mean if I ran the world, it would be a much better place - for you and me....well more me, but it's all good)
I mod down so you can mod up. Your welcome.
(BTW, doesn't this "Economic Times" look like a pretty shameless rip of the Financial Times? I wonder if their print edition is salmon-colored.)
What I'm listening to now on Pandora...
And one note on Mr Morris, who I actually respect a fair amount for his successful bid to bring computer security into the spotlight. I don't advocate writing worms or viruses (the so-called Internet Worm actually classified as both, depending on which attack vector it was using at the time), but in the case of Morris' program, his intent was a reasonable one, even if his actions were not. For that, he deserves a nod: he took a big fall in order to get us to stop pretending holes didn't exist, and CERT was formed as a direct response to his actions.
;-)
I know, he also cost us a huge amount of lost productivity, but can you imagine the chaos that someone who DID have malicious intentions would have caused just five years later?! We took that hit to productivity because there was a problem, and though people like Bob Page (who wrote one of the better papers on the worm, and was in charge of sysadmin at my school at the time) were not amused, I do think they were better off in the long term.
Now, if Morris' code hadn't had that fatal bug that caused it to replicate out of control.... heh
Sorry man, but the word is used to mean malicious computer access as well. Words take on the meaning that the majority use them for.