Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security Science

Bridging the Gap Between Hackers and Academics 50

Tal Garfinkel writes "There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack. A new USENIX-sponsored workshop called WOOT (Workshop On Offensive Technologies) is looking to bridge that gap by providing a high-quality, peer-reviewed forum for attack papers, with top reviewers from the academic, open source, commercial IT, and information warfare communities. Got a great attack paper? See if it makes the cut at WOOT."
This discussion has been archived. No new comments can be posted.

Bridging the Gap Between Hackers and Academics

Comments Filter:
  • WOOT? (Score:5, Interesting)

    by EvanED (569694) <(evaned) (at) (gmail.com)> on Thursday May 03, 2007 @12:14PM (#18975035)
    I'm sure the WOOT conference would have been happy to publish "How to 0wn the Internet in Your Spare Time [icir.org]," which, incidentally, has to be the best academic paper title ever.
  • by Anonymous Coward
    can learn a lot from script kitties.
  • Creating... (Score:5, Funny)

    by Billosaur (927319) * <[wgrother] [at] [optonline.net]> on Thursday May 03, 2007 @12:17PM (#18975077) Journal

    ...the Hackademic. Ba-dum-bum. I'm here all week.

  • A gap? (Score:5, Informative)

    by saintlupus (227599) on Thursday May 03, 2007 @12:17PM (#18975085) Homepage
    There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack.

    Just because "academics" don't introduce themselves as such to the script kiddies, doesn't mean that we're not around.

  • Apparently the disconnect may have to do with how bandwidth works, because that site is slashdotted all to hell now! Either that, or during that long delay, they were hacking into my PC. Anyone else get the jitters when they go to a website about hacking and it just sits there and grinds in the browser?
  • by $RANDOMLUSER (804576) on Thursday May 03, 2007 @12:19PM (#18975121)
    I bet they'd be interested in my design for a chair cannon.
  • by Anonymous Coward
    Damn it! Now whenever I get a good drop and yell "Woot!", people will think I'm a hacker.
  • do you think those black hatties, phrakkers etc need academics or "peer review" ? peers need to get themselves reviewed by the other.
  • Whats the point? (Score:4, Insightful)

    by splug (992725) on Thursday May 03, 2007 @12:33PM (#18975307) Journal
    If it is so cutting edge why the hell is the conference "by invitation only, with preference given to the authors of accepted position papers/presentations". If it suppose to be academic the people with papers probably know this stuff already. Shouldn't it be for everyone? This way no one learns.
    • by blhack (921171) on Thursday May 03, 2007 @01:19PM (#18976095)
      Contrary to what my receptionist believes "Computers" is not one skill. While one person might be especially good at manipulating Wi-Fi networks, another person might be talented at writing kernel-mode rootkits for unix. Still another person might be exceptionally experienced with IBM as400 mainframes and have written papers on the topic. It is by invitation only so that they don't get 2000 fresh out of puberty "hackers" who have never written an application in their life constantly asking them how to hack into pr0n sites and hotmail.

      it is exactly the same as if a bunch of physicists got together for an invitation only conference. Its for academics.
      • it is exactly the same as if a bunch of physicists got together for an invitation only conference. Its for academics.

        Except that academic conferences usually are not invitation only. The general public is kept out by the admission fee (which for academic participants is usually covered by some grant).

    • by Pheersome (116234)
      Calm down. It's sponsored by Usenix, so the accepted papers will be published online, freely accessible by everyone. Also, academic conferences exist to provide a forum for new research, that is, ideas and results that no one save the authors have seen before; therefore, the workshop attendees will in fact learn from their peers.
    • by VENONA (902751)
      Maybe security by obscurity is still considered valid by USENIX conference organizers? :)

      Yes, that is a joke. It's probably due to space limitations, or they don't want it to take on a Black Hat '07 ambiance or something.

      I'd be amazed if at least the best couple of papers didn't appear on the portion of usenix.org available to non-members.
      http://www.usenix.org/publications/library/proceed ings/best_papers.html [usenix.org]

      BTW, the editor has made a *gasp* mistake. USENIX is a professional organization for anyone that us
    • maybe the acdam^wacadamics want 2 keep out teh n00b lamerz coz they wunt 2 stay l33t.

      its like irc. all teh good chans like #fbi-internal make u hack in, kick teh lamerz. only then do the l33t hackorz delurk an teell u teh new scripts.

      hold on, therez a load of swat guyz at teh door.
  • by mcmonkey (96054) on Thursday May 03, 2007 @12:45PM (#18975515) Homepage
    This doesn't seem to have anything to do with hackers at all.

    You want crackers. Two doors down.
    • by Anonymous Coward
      Eric S. Raymond and others like him (and you) like to pretend that there is one "right" word for people who engage technology creatively, "hackers", and another word for people who engage technology destructively, "crackers". This doesn't make you a bad person, but it's a flaming torch you shouldn't waste time carrying.

      "Crackers" is a minority usage even within the hacker community.

      Human language is context-sensitive. This notion that there is one particular word for one thing, and that it cannot be used
      • Besides, I can see how "hackers" would have a problem with this inevitable conversation:
        [Prospective mate]/[Peer to be impress]: What do you do for a living?
        'Hacker': I'm a cracker.
      • by mcmonkey (96054)

        Human language is context-sensitive.

        I agree 99 and 44/100%. My post was not meant to be flamish or trollish or, FSM-forbid, ESRish.

        My post was meant to express, when I read the headline, I thought the article was about the academic, theoretical implementations of information technology and systems vs. the every day practical and actual uses of said technology and systems.

        Of course, once I read the summary I knew otherwise. In the context of a headline on /. (as opposed to a headline on cnn.com or m

    • Help DDOS the next generation. Become a lecturer.
  • If you submit to WOOT and are rejected, they will state "Paper Was Not Designated Useful"
  • by minotaurcomputing (775084) on Thursday May 03, 2007 @12:59PM (#18975723) Homepage Journal
    My paper, "How to Pwn n00b Sys Admins" wuz turned down by teh pier reveiw commitee bcuz they sed i had bad grammer.
    teh suxors im l33t
  • That's not the only party of IRC seeking academic legitimacy. Expect the following in the near future:

    - Proceedings of the National Association for the Advancement of Kiddie Porn

    - Transactions in Piracy

    - Nigerian Finance Quarterly

    - Kawaii! Anime of journal from translate poorly, for sure yes or else!

    - Trends in Russian Credit Card Management

    - Journal of Interactive Marketing
      Oh, wait, this already exists.
  • The name Woot is already taken by http://www.woot.com/ [woot.com]
    • Yeah, I was getting all excited about a magic box that gaps divides between over-schooled, under-experienced weenies and under-aged, over-caffeinated workers in the trenches being on sale real cheap from midnight until sell-out!

      Then I found out they just $t013 t3h nam3! ;-)

  • by Evil W1zard (832703) on Thursday May 03, 2007 @01:40PM (#18976481) Journal
    Anyone else catch that the person posting the article is also one of the Program Chairs for the event. Guess if you want free advertising /. is the way to go! Can't wait to see when Ron J. posts the article for P0rncon here!
  • There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack.

    And you know what?

    Thank fucking God.

    Thank fucking God.

    Although I do think it's stretching it to call Black Hat "Underground".

    - Jason Scott
  • Hire hackers and you have a veritable unmanageable subverted subculture working in your IT department that can well work against you instad of for (depending on how "ethic" your company is in the eyes of your hackers).

    Hire academics and you'll have pseudosecurity 'cause they got all the theory down but no experience and they do actually care for patents and laws.

    Mix them together and you get a truely useful combination. I see it every day at work. We have a very tight coop with the IT department of the loca
  • "There has long been a disconnect between academic computer security and underground forums..."

    So in other words...connection reset by peer review?
  • Dear Mr. Academic,

    Why is it that you have more years of education than me, yet can't get anything accomplished without calling my help desk at least twice? No, I will not teach you how to use your computer no matter how incompetent you pretend to be. The only thing worse than stupid people is smart people who pretend to be stupid. Didn't you learn anything for yourself in school, or did you just 'delegate' all your homework to the more naive but technically superior classmates you had? You can't live withou
  • When I was in school, the CS profs played basketball and soccer tournaments with the undergrads. I guess it's good that the faculty is spending some time with the grad students playing their favorite extracurricular activies.

    Seriously, it always seemed to me that the grad students did the hacking and it was their advisors' role to run interference.
  • When I first read the article I thought it said UNISEX, not USENIX. Guess I found out where my mind has been for the past few days.

Is a computer language with goto's totally Wirth-less?