Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wired Reports On Korea's First Hacker Con

Posted by Zonk on from the so-happy-together dept.

evanwired writes "Quinn Norton offers a great first-hand account of the first South Korean Hacker con. Marked by conservative dress and polite conversation, the group was nevertheless still very much concerned with the shortcomings of computer security." From the article: "A police crackdown three years ago left South Korea's hacking community broken and fragmented. One of the conference's more animated speakers, 'Xpl017Elz,' complained that many of Korea's best and brightest hackers wound up emigrating to more receptive environments with better pay for security researchers. But he also demonstrated a large and difficult divide between how the hacker communities behave in Korea and the United States. Xpl017Elz's presentation focused on four (of a reported seven) attacks he developed against Red Hat's Fedora Core using ExecShield. He demonstrated privilege escalation, where a logged-in user can become root and take over the machine, and remote code execution, wherein an external attacker can gain root without a login."

7 of 40 comments (clear)

  1. His name is Xpl017Elz? by glen · · Score: 4, Funny

    Did he get confused when someone explained to him what a secure password is and you shouldn't use your name?

    1. Re:His name is Xpl017Elz? by jovius · · Score: 2, Insightful

      What's the problem with having a secure name then ?

    2. Re:His name is Xpl017Elz? by hclyff · · Score: 2, Funny

      Yeah, I wonder what were his parents smoking, giving him a name like this...

  2. Re:conspiracy theory by winkydink · · Score: 2, Funny

    Um, perhaps you have your "all Stallman, all the time" filter on? All the thumbs work for me.

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

  3. Re:hackers suck by brunascle · · Score: 2, Insightful
    Why don't these freaking hackers channel their obvious intelligence into something constructive rather than hacking our stuff?
    you mean, like, finding the holes in your stuff?
  4. Re:Security researchers? by Vellmont · · Score: 3, Insightful


    Hacking into someone's network uninvited and posting some silly "hacked by" page is not security research.

    I missed the part of the article where this is discussed. Can you please point me to it?

    The article I read talks about someone who's created exploit code to get around a security measure developed by RedHat. I'm no expert at "ExecShield", but independently developing exploits to security measures sure sounds like Security Research to me.

    What you're describing sounds more like script kiddies. It'd be nice if you actually presented some evidence that these guys are actually just script kiddies and not just assuming it because of what I can only assume is personal bias.

    --
    AccountKiller
  5. First Korean conference? More than Six years ago! by gessel · · Score: 2, Informative

    Trust Wired to get it wrong. The magic of subjective journalism. It is ironic that another /. article describes how the blogosphere is becoming recognized as unreliable.

    I was a speaker there in August 2000 at the First WorldWide Top Hackers Conference 'IS2K' in Seoul Korea at the Millennium Hotel. We spoke for several days and even got to meet Kim Hyong-O, the Member of the National Assembly.