Slashdot Mirror


Pentagon Contractors Openly Post Job Listings For Offensive Hackers

Sparrowvsrevolution writes "In the wake of confirmation that the U.S. government was involved in the creation of Stuxnet and likely Flame, a look over job listings on defense contractor sites shows just how explicitly the Pentagon and the firms that service it are recruiting offense-oriented hackers. Northrop Grumman, Raytheon, Lockheed Martin, SAIC, and Booz Allen have all posted job ads that require skills like 'exploit development,' have titles like 'Windows Attack Developer,' or ask them to 'plan, execute, and assess an Offensive Cyberspace Operation.'"

12 of 149 comments

  1. Who better? by jameson71 · · Score: 5, Insightful

    Who would better know how to defend against these attacks than someone who knows how to develop and implement them?

    1. Re:Who better? by Shagg · · Score: 4, Insightful

      What makes you think they're being hired for defense?

      --
      Unix is user friendly, it's just selective about who its friends are.
    2. Re:Who better? by Eightbitgnosis · · Score: 4, Insightful

      Offense? Defense?

      With America's preemptive warfare policy, what's the difference?

    3. Re:Who better? by Shagg · · Score: 3, Insightful

      You don't think "defense contractors" means they only defend, do you?

      --
      Unix is user friendly, it's just selective about who its friends are.
    4. Re:Who better? by bky1701 · · Score: 3, Insightful

      Hackers are like soldiers, though, in that defense and offense are really not that far apart (with the exception of just following good programming standards). Just like you can order the guy keeping watch to go shoot at some people, a 'friendly' hacker can still hack your enemies, in theory.

      The overall problem with "cyber war" is that it seems like the new excuse, now that kiddie porn has kind of fizzled out and piracy is widely accepted, to lock down the internet. The only real answer is to stop having vital systems programmed by idiots connected to the internet. When most bank and government systems are less secure than a site running PHPBB (for example, using unencrypted passwords), there is a serious problem that can't be fixed by plastering it over with censorship and playing war.

    5. Re:Who better? by gweihir · · Score: 4, Insightful

      Who would better know how to defend against these attacks than someone who knows how to develop and implement them?

      Almost anybody. Attackers are highly specialized and do not need to cover the whole or even significant parts of the protection angle. If the attacker gets in, the goal is reached. It does not matter at all if a lot of potential other attack venues were not even touched.

      For this reason, black-hats make terrible security experts for the defender side. The myth that a good attacker is a good defender is patently false in IT security (and likely in other areas as well). What a good defender needs first is to find all possible attack venues. That is complicated and requires understanding the whole system, the organization using it, the cultural environment, etc. The black-hat, on the other side, can experiment and does not really need to understand any of these, except for the tiny fragment where the attack is to be launched. Even there, the black-hat can afford to fail frequently. This is fundamentally different for the defender.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. Offensive by Concerned+Onlooker · · Score: 2, Insightful

    Aren't all hackers offensive?

    --
    http://www.rootstrikers.org/
  3. Re:day in the life of a govt hacker by ackthpt · · Score: 2, Insightful

    the only downside... can't smoke weed at work

    http://www.youtube.com/watch?v=BBMtl79atFs

    Problem with that stuff is it doesn't make you smarter or more creative, it just makes you think you are.

    --

    A feeling of having made the same mistake before: Deja Foobar
  4. Re:Microsoft must be so pleased.... by Mindcontrolled · · Score: 1, Insightful

    And if the Linux community wants Linux to be used, they only have to make it usable.

    Waiting for more than a decade...

    --
    Ubi solitudinem faciunt, pacem appellant.
  5. Afghanistan mujahideen by jjohn · · Score: 5, Insightful

    I don't need to explain why training terrorists might not be the best idea for our long term interest, right?

  6. Re:day in the life of a govt hacker by History's+Coming+To · · Score: 4, Insightful

    It can snap you out of an infinite brain loop though. I've lost count of the number of times I've been stuck on a problem, but solved it pretty quickly after having a smoke. Ditto alcohol, adrenalin and caffeine, anything to get your brain out of the rut it's in. I've also had some insights while using the strongest hallucinogen known, dreaming. Agreed, being perpetually stoned isn't going to help in the long run, but many people working on logic based problems will admit to moderate drug use when they hit a mental block.

    --
    Please consider this account deleted, I just can't be bothered with the spam anymore.
  7. Re:Microsoft must be so pleased.... by Anonymous Coward · · Score: 2, Insightful

    After all this time, you still seem ignorant of the fact that the Siemens controllers for the centrifuges are supported only on Windows.
    The choice of Windows was pushed by the contractors and the hardware selection, not Iran.