How an Aussie University Creates the World's Best Hackers

← Back to Stories (view on slashdot.org)

How an Aussie University Creates the World's Best Hackers

Posted by samzenpus on Sunday May 12, 2013 @05:08AM from the advanced-hacking-101 dept.

bennyboy64 writes "An Australian university appears to be excelling at cultivating some of Australia's best computer hackers. Following the University of NSW's students recently placing first, second and third in a hacking war game (the first place winners also won first place last year), The Sydney Morning Herald reports on what exactly about the NSW institution is breeding some of Australia's best hackers. It finds that a lecturer and mentor to the students with controversial views on responsible disclosure appears to the be the reason for their success."

16 of 76 comments (clear)

Min score:

Reason:

Sort:

Makes Sense by phantomfive · 2013-05-12 05:14 · Score: 5, Insightful

In Universities, it turns out that the individual professors are the most important part of a quality institution. At a small university, a single quality professor can make a huge difference.

--
"First they came for the slanderers and i said nothing."
1. Re:Makes Sense by Noishe · 2013-05-12 05:48 · Score: 4, Insightful
  
  Just as my mod points expire...
  You're absolutely correct that it's the teachers that matter and not the institution.
  Mind you, the institution also has to have the right culture in place to first attract and then tolerate the actions of teachers like this. I would also extend your point, and say that the professors matter just as much at a large university as they do at a small one.
2. Re:Makes Sense by wisnoskij · 2013-05-12 07:07 · Score: 2
  
  Well in a large one where you are in classes of 400 plus students, I would say that individual professors matter less that one where you are in classes of 20.
  In the first one you will not get to see him in-between classes for help (that will be left up to his army of TAs), and you will be sitting so far away your only interaction is likely to be watching the slides that his TAs prepared and listening to a speaker as he reads them.
  
  --
  Troll is not a replacement for I disagree.
3. Re:Makes Sense by manu0601 · 2013-05-12 14:58 · Score: 2
  
  It is true for any enterprise, whether being an university or a corporation. Things are done well or badly by humans, not by the walls that surround them, or the uniforms they wear. Policy that try to turn individuals into disposable resource might succeed at industrialize something well known, but it will starve at being remarkable.
An eminently sensible policy by Anonymous Coward · 2013-05-12 05:26 · Score: 2, Insightful

"We say that you should do whatever you want with the exploit. It's your vulnerability, you found it, it's your thing. You have no obligation to report it at all. In fact, reporting it can get you into a lot of trouble."
1. Re:An eminently sensible policy by westlake · 2013-05-12 05:46 · Score: 4, Insightful
  
  "We say that you should do whatever you want with the exploit. It's your vulnerability, you found it, it's your thing. You have no obligation to report it at all. In fact, reporting it can get you into a lot of trouble."
  It is not your thing ---
  and it is precisely this kind of thinking that brings the hacker increasingly into conflict with society and the law.
2. Re:An eminently sensible policy by gagol · 2013-05-12 05:53 · Score: 5, Insightful
  
  Going legal after people disclosing vulnerabilities got us where we are. If you are not opened to receive security status about your [system/software/network] get prepared to be hacked because you backed the very people willing to help you in a corner.
  
  --
  Tomorrow is another day...
3. Re:An eminently sensible policy by gagol · 2013-05-12 09:28 · Score: 3, Insightful
  
  In the beginning, people were reporting that shit. Then lawyers got involved. This is when the SHTF. Because we don't know if we are going to end in court or not, we prefer to shut up and let them bath in filth.
  
  --
  Tomorrow is another day...
4. Re:An eminently sensible policy by plover · 2013-05-12 09:32 · Score: 2
  
  The article quotes the professor's example of a guy who revealed a flaw to a company that they were exposing hundreds of thousands of people's financial accounts. All he did was to change the user ID in his URL to some other number, which was a different person's account. He knew that his own information was at risk, and wanted the company to fix their badly written web site.
  The reward for his reporting effort was a police investigation, and the company threatened him with the liability of the costs of fixing the flaw.
  Sure, many companies will take a security report and say "oh, crap!" They'll then scurry about and fix the problem. They might say thank you, they might not. But the truth is some companies are run by total douche-nozzles who respond with threats.
  When it's a possibility that companies will respond by acting as completely irrational and irresponsible as this, the professor is doing the right thing by teaching the students "don't assume any good will necessarily come from what you've done." If you monetize the flaw by selling it, someone else assumes the risk. They might buy it to exploit it, or they might hope to turn it into a reward.
  His advice is to avoid the conflict entirely. It's amoral, but it's very practical advice that will keep you personally out of jail.
  
  --
  John
GCHQ by Anonymous Coward · 2013-05-12 05:27 · Score: 3, Interesting

Or maybe it's because the curriculum is designed so that Defence Signals Directorate (the Aussie equivalent of GCHQ/NSA) can go there and have a one-stop shop for their new recruits...
Re:Good by Anonymous Coward · 2013-05-12 05:37 · Score: 2, Funny

You sir get the off-topic redneck award of the day.
Part of it is that they've been at it for a long . by Coeurderoy · 2013-05-12 05:41 · Score: 4, Interesting

Part of it is that they've been at it for a long time... http://en.wikipedia.org/wiki/Lions'_Commentary_on_UNIX_6th_Edition,_with_Source_Code Lions was at the UNSW, getting student to have access to code seems to be a tradition there. I also met a couple of very talented people who got their degrees there in the late 70's early 80's and worked with some of them... It just shows that the right way to run an university is not to worry too much about the curriculum and do the unexpected, even the vaguely illegal. BTW it seems the equivalent document he wrote about the pdp11 unix C compiler is not avaiable, it's sad it was very interesting.
Australian schools have magic by Anonymous Coward · 2013-05-12 05:58 · Score: 2, Funny

As I learned from this video last year. It's a snap.
Re:Richard Buckland by Vylen · 2013-05-12 12:44 · Score: 2

Richard Buckland is currently working on internet voting and the security involved around that.

Fionnbharr Davies is actually an ex-student of Richard.

I know this being a UNSW graduate and a student of Richard as well :)

Fionnbharr was quite the unusual character but quite devoted to his studies cause he just found it fun. No surprises here that he enjoys lecturing for the same reasons!
Re:Richard Buckland by Anonymous Coward · 2013-05-12 13:22 · Score: 2

Richard Buckland is currently working on internet voting and the security involved around that.
Fionnbharr Davies is actually an ex-student of Richard.
I know this being a UNSW graduate and a student of Richard as well :)
Fionnbharr was quite the unusual character but quite devoted to his studies cause he just found it fun. No surprises here that he enjoys lecturing for the same reasons!
Richard Buckland is the one who organises these courses; He gets Fionnbharr and Brendan to run them.
Re:Cracker by phantomfive · 2013-05-12 17:50 · Score: 2

FYI that ship sailed decades ago.

--
"First they came for the slanderers and i said nothing."