US Defense Budget May Help Fund 'Hacking For Defense' Classes At Universities

According to an instructor at Stanford, eight universities in addition to Stanford will offer a Hacking for Defense class this year: Boise State, Columbia, Georgetown, James Madison, the University of California at San Diego, the University of Pittsburgh, the University of Southern California, and the University of Southern Mississippi. IEEE Spectrum reports: The class has spun out Hacking for Diplomacy, Hacking for Energy, and other targeted classes that use the same methodology. The snowballing effort is now poised to get a big push. This month, the U.S. House of Representatives passed an amendment originated by Rep. Dan Lipinski (D-Ill.) to support development of curriculum, best practices, and recruitment materials for the program to the tune of $15 million (a drop in the $700 billion defense budget but a big deal for a university program). In arguing for the amendment, Lipinski said, "Rapid, low-cost technological innovation is what makes Silicon Valley revolutionary, but the DOD hasn't historically had the mechanisms in place to harness this American advantage. Hacking for Defense creates ways for talented scientists and engineers to work alongside veterans, military leaders, and business mentors to innovate solutions that make America safer."

Not needed

" Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded..
        — Donald J. Trump (@realDonaldTrump) July 9, 2017"

Putin will guard USA, Trump says so himself. So why need American hackers?

It'll be cheaper too, hackers will be paid for by Russia so no need to ask Congress for budget.
And it will be secure too. so-called NSA has that role currently, but they keep leaking stuff to Congressmen and Senators, while Russia keeps stuff secure:
How many of these undisclosed meetings with Russian laywers and intelligence men have we learned about from CIA leaks? Loads! How many undisclosed meetings have we learned about from the Russians they met with? None! SECURE!

Modern entrepreneurial methodology ...

[perpenso]

Its not what you think. It hacking in "old" sense, creative, simple solutions to problems. Not the "new" definition of hacking as in hostile technological attacks.

It looks like they are taking a modern entrepreneurial methodology and applying it to DoD problems. The NSF has been doing this for a while through its variation Innovation Corp (I-Corp) programs, https://www.nsf.gov/funding/pg.... Running academic researchers through this training to increase the success rate of NSF funded research making it to the market.

Notice that the students teams are doing 100 interviews, that sounds exactly like NSF I-Corp. The premise here is to teach academic researchers that whatever ideas they have about the use of their technology is most like crap, that the solutions in their mind are most likely crap. That they need to get their a** out of their office/lab and go talk to real people in the real world. Talk not about your solution, but talk about the people's problems in the domain your solution exists in, what people have tried as solutions, what worked, what didn't, why, ... all the time not contaminating the interview by mentioning or steering things toward your ideas. The academic is merely interviewing to learn about real people, real problems and real solutions, or lack thereof. After 100 such interviews there should be some recurring themes, and these themes should suggest a direction to move in, unlike whatever crap the academics dreamed up in isolation in their office/lab.

Now the academics go implement a solution in a very incremental agile-like fashion. Doing more interviews to validate their solution and their continued progress, to make sure they are on track. Hypothesis, experiment, feedback, repeat.

Its basically applying an agile-like process to business and product development.

This new DoD stuff seems to be trying to get their suppliers to use this approach. Rather than the lets develop a business plan and complete product specification in isolation approach. The "it doesn't have to actually work, it only needs to meet the DoD approved spec" approach.

Meanwhile, the solution to hacking goes ignored

[ka9dgx]

Capability Based Security can actually fix this mess we call "computer security", but alas, it remains an obscure topic.