Slashdot Mirror
Facebook Helps Give Hacking a Good Name Again
Hugh Pickens writes "Ira Winkler says whenever he sees another 'cyberchallenge' getting play in the press, he think our priorities are screwed up. 'People seem to think that organizing teams of people to hack into systems is a way to bring together the best computer talent to square off against each other,' writes Winkler. 'I look at it as a waste of that talent.' That's why Winkler supports Facebook's latest Hacker Cup, which has become one of the few tests of creative computer talent. Facebook is using the original definition of 'hacker,' referring not to someone who breaks into computer systems, but rather to an individual who 'enjoys exploring the details of programmable systems and how to stretch their capabilities.' Facebook's contest consists of successive sets of increasingly difficult algorithmic problems. Scoring will be based on how accurately and quickly the programmers complete the puzzles. 'Meanwhile, the media effectively lionize groups like Anonymous by breathlessly reporting on their latest hacks,' writes Winkler. 'What we really should be doing is not to reward a handful of students to find problems, but to train all students, and inevitably the profession, to integrate security into their efforts from the start.'"
Why in red?
What makes for a more interesting story: script kiddies taking down a CIA webpage, or some computer geeks getting together to see who the best geek is?
I know what I think is the more interesting story, but I'm sure common folk would disagree.
Meanwhile, the media effectively lionize groups like Anonymous by breathlessly reporting on their latest hacks,' writes Winkler.
Well you've got to admit the HBGary hack, as reported by arstechnica, was pretty damn cool.
This seems like bad timing for me/other uk students. Most of us are going to be having exams during the period which it is set, e.g. the qualification round is 20th-23rd of January, and then i have 2 exams on the 24th and 26th of January so it looks like i won't be signing up for this.
I always thought hackers made furniture using an axe. What is this computer stuff anyway?
They're no better than the "Chinese Water Army" shitheads, & are there to mislead/misinform others and to attack those who do not "play their game/are with THEIR program".
Don't believe it? Read this:
http://www.dailykos.com/story/2011/02/16/945768/-UPDATED:-The-HB-Gary-Email-That-Should-Concern-Us-All
PERTINENT QUOTES/EXCERPTS:
"According to an embedded MS Word document found in one of the HBGary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online... And all of this is for the purposes of infiltration, data mining, and (here's the one that really worries me) ganging up on bloggers, commenters and otherwise "real" people to smear enemies and distort the truth... "
and
"They are talking about creating the illusion of consensus. And consensus is a powerful persuader... And another thing, this is just one little company of assholes. I can't believe there aren't others doing this already. From oil companies, political campaigns, PR firms, you name it. Public opinion means big bucks. And let's face it, what these guys are talking about is easy."
and
"To the extent that the propaganda technique known as "Bandwagon" is an effective form of persuasion, which it definitely is, the ability for a few people to infiltrate a blog or social media site and appear to be many people, all taking one position in a debate, all agreeing, for example, that so and so is not credible, or a crook, is an incredibly powerful weapon."
---
* They're out & out PIECES OF DECEIVING SHIT!
APK
P.S.=> They represent EXACTLY the type of people in this life I utterly FUCKING hate (& I am not "pulling any punches" on this one) - I call that "type" online "the NOT-men" (because they act more like WOMEN, than men, or @ least decent honorable men)...
... apk
We've done this before -> the best h@x0r$ aren't the people beating their chests, sporting security credentials, hanging out at DefCom, taking down websites, or playing '5 minutes in heaven' with the 3-letter agency people. And they typically aren't the people who have an entire bookshelf devoted to books that actually mention hacking / cracking in the title. The dangerous people are the ones who have the dog-eared copy of Fundamentals of UNIX Programming sitting on their desk; they aren't using the hack of the week, or someone else's 0-day to compromise a system -> they know how the system actually works, all of its strengths and weaknesses. It's like the difference between some poor slob who bought a gun and keeps it in the front part of his jeans, and a trained Marine with his trusty hunting rifle.
Programmers themselves can be scored in several different categories, and it often takes a weird grouping off them to pull off anything outstanding. Knowledge of computing, theory of computing, theory of application, pragmatic programming, knowledge of the programming language / linguistics, mathematics, advanced problem solving, advanced research, imaginary problem solving, and lore of computing. I may have missed a few. Good luck getting all 10s in every category.
Security, by the way, is taught; it's simply not emphasized to the exclusion of other subjects. Most CS students know where the security holes, the major ones, can occur when it comes to programming. However, it's simply not cost-effective to chase down every last security issue (it could take years to release a product).
I am John Hurt.
When my choices are to waste my time unjustifiably boosting someone else's security reputation for free, or being crowdsourced and providing one of many solutions, each of which would cost more than even the sole winner receives, I prefer to do neither. Contests are bullshit. If you participate in contests, you show that you'd rather work for free than not work at all. That's not a good negotiating position to be in.
pairwise, using rules 1 and 3. 3. Two floating point numbers are considered equal if their absolute or relative difference is smaller than 1e-6, unless the problem statement says otherwise. This does not apply to integers. Two integers are considered equal only when they are exactly equal.
The announcement page has a link to the problems from last year's qualification round, but that leads to a sign-up page for the contest. I'm curious to see the problems, but not planning to compete. Can someone who's already signed up post them here, and save the rest of us some time? Cheers.
XML is like violence. If it doesn't solve your problem, you're not using enough of it. --AC
Hacking: Using your capabilities to gain access and explore an unknown programmable system.
Cracking: Using knowledge of existing tools and systems to gain access and exploit a known programmable system.
Having to work for a living is the root of all evil.
I'm sick of this Hugh Pickens spammer being constantly posted on Slashdot with the lamest of lame stories. How much is he paying them for all this air time? Or is it a straight up blackmail operation? No wonder CmdrTaco left.
I'm glad to see Facebook promoting creative computer exploration. I think that the true spirit of hacking is being lost in the new definitions of our modern society. Anonymous and LulzSec make headlines for DDOS attacks which don't really count as hacking. The great hacks these days are often made without fanfare when a Hacker exploits a system or piece of code with his natural creativity, and it is often for positive rather than negative ends.
~theCzar
I'm not sure exactly why Mr. Winkler thinks computer security is a waste of computer talent, but that solving social media programming puzzles is not. While I'm not enough of an expert to see how algorithmic programming challenges relate to security, it seems to me that probing existing security systems (which, as far as I know, is an accepted and common practice, from which a lot of good can be derived) is more directly important than what is essentially a competitive Project Euler. However, it is understandable that, being a former security professional, Winkler might be the sort of person who believes the proliferation of security penetration techniques and training leads to the proliferation of security penetration itself, and advocates children getting rough on the playground rather than near the power station. In short, he wants an environment where the only people with the knowledge to disable systems are the architects of that system itself: if the door is locked, you should leave it alone. Given that he is advocating for a competition sponsored by Facebook, who has a vested interest in maintaining the illusion that their information structures are impenetrable monoliths, I'd say this is likely. His aversion to security testing is more a product of his old-guard nervousness about the volatility of information than to any real insight into why security testing is bad for computing as a whole.
Hacker/cracker/whitehat/blackhat wankery aside, security is an important aspect of computer networking, and it's important that the risks to a network be a part of programming as a whole. If it's confined to the domain of locksmiths and lockpickers, then information becomes easily monopolizable, and that way lies ruin.
We're taking it back!
And just like "Porch Monkeys", the idea that someone would be so attached to using "Hacker" as a positive is hilariously absurd.
Facebook is using the term "hacker" in the other traditional sense - to scout talent to help them milk the plebs for more of their personal data so they can sell it to the highest bidder. Fuck you, facebook.
I think the frustration over hacking/cracking would be quickly resolved if hackers adopted the label tinkerers (or e-tinkerers or something a little catchier) and let the uninitiated have their way. It's important for technical vocabulary to be pretty rigidly defined, but hacking has migrated a bit towards everyday vocabulary. Since computers have completed the one-time move from obscure to common, I don't think this concession would need to be repeated with "tinkerers." My grandmother would complain about "how the gays took our word and made it something else," and I'm failing to see how that doesn't parallel people's reaction to the misuse of "hacking."
Bah! Tackling algorithmic problems isn't hacking.
How is associating themselves with Facebook supposed to give anyone a good name?
Hacking can be a good thing, if it is used right. Some people should continue hacking, if they tone their skills, than they can put it to great use in the future.
"but to train all students, and inevitably the profession, to integrate security into their efforts from the start"
Really they don't get that yet.
Looks more like employment test to me.
security audit of your website(s) HACKING OF WEBSITES & Hacking Accounts which include facebook,twitter this is pretty easy,myspace,skype,and email ids.I require either a Name, Friend ID, or E-mail address of the targets account(s). I have the help of a current 0-Day Exploit that allows me to gain remote access to the website servers and from there I find the password which is usually in an MD5 hash, from that I must decrypt to get the real password. The entire process takes about 30 minutes-1 hour to complete. All passwords are tested out 3 times before they get issued to any clients.I also rip Standards from websites.I accept payment through LR (Liberty Reserve) Only.I hardly ever USE WESTERN UNION! :kross303@yahoo.com (SEND ME AN IM THROUGH Y! MESSENGER OR MAIL)i also sell bank logins and credit cards
YOU CAN REACH ME ON