Security Education

Students Learn To Write Viruses

snocrossgjd writes "In a windowless underground computer lab in California, young men are busy cooking up viruses, spam and other plagues of the computer age. Grant Joy runs a program that surreptitiously records every keystroke on his machine, including user names, passwords, and credit-card numbers. Thomas Fynan floods a bulletin board with huge messages from fake users. Yet Joy and Fynan aren't hackers — they're students in a computer-security class at Sonoma State University. Their professor, George Ledin, has shown them how to penetrate even the best antivirus software."
  • by lgramling ( 1064562 ) on Wednesday August 06, 2008 @08:52PM (#24505069)
    Why don't we try to get the LAST post in the thread. That way we don't have to look at your comment, and you still have the satisfaction of "winning".
  • Re:Not Hackers? (Score:5, Informative)

    by fm6 ( 162816 ) on Wednesday August 06, 2008 @08:57PM (#24505097) Homepage Journal

    In ordinary English, a hacker is somebody who hacks into a computer system. That's not the way you and I use the word, but we're not most people. "Hacker" is one of many words that means different things depending on who uses it and in what context. Language is not a map.

    Hackers (in the senses of "improvisational programmer" or "ethical student of security technology") often don't grasp this, and insist that the common usage of "hacker" is "incorrect" — even though the people who use it that way are in the majority. They've tried to get people to say "cracker" instead, ignoring the very small role Nabisco plays in computer security issues.

  • Re:Not Hackers? (Score:4, Informative)

    by jeiler ( 1106393 ) <go.bugger.off@noSPaM.gmail.com> on Wednesday August 06, 2008 @09:25PM (#24505279) Journal

    Hackers (in the senses of "improvisational programmer" or "ethical student of security technology") often don't grasp this.

    Actually, most (if not all) of them do, and take a perverse, quixotic joy in fighting against the majority usage. It's probably an issue of pride ("I'm a HACKER, not some scummy script-kiddie!"). I view it as about as "useful" as OS-flamewars, or endless arguments over editors.

    And while we're talking about editors, don't get me started about emacs. ;)

  • by Meshugga ( 581651 ) on Wednesday August 06, 2008 @10:27PM (#24505749)

    as a two-semester course.

    It is held at the technical university in Vienna and is called "InetSec"

    http://www.iseclab.org/InetSec/

    The course has a very high quality and includes practical exercises like SQL exploits, writing buffer overflows, trojans and the like.

    You even get your own automatically generated "1337 handle" upon subscription to the course, and you can advance from "script kiddy" (no homework assignments aka challenges turned in) to "master guru" (turned in everything + extra work + participated in a CTF) - so actually participating in the course is more fun and play than work ;)

    I wonder why that article is news, since there is a CTF (http://www.cs.ucsb.edu/~vigna/CTF/) held every year, where a lot of universities and colleges from everywhere participate - I doubt they don't have similar courses.

    Then again, since the Viennese guys kick ass at these contests... ;)

  • Re:Re:Good (Score:3, Informative)

    by scdeimos ( 632778 ) on Thursday August 07, 2008 @01:03AM (#24506623)

    So, police training should involve mugging practice and fire-fighter training should involve learning how to set fires.

    Well, yes.

    Police here (Australia) are forced to undergo being shot by stun guns before they're allowed to carry them on duty. And fire fighters often learn how to set fires as well as putting them out, especially when they start moving into forensics to investigate suspicious fires.

  • by KGIII ( 973947 ) <uninvolved@outlook.com> on Thursday August 07, 2008 @02:09AM (#24506873) Journal

    No, no, no... Not more. This is /. after all. I actually read all of it and I did enjoy reading it with all of its insanities but I really don't think that qualifies as a quality post.

  • Re:They need BOTH! (Score:3, Informative)

    by Hank the Lion ( 47086 ) on Thursday August 07, 2008 @03:36AM (#24507257) Journal

    This is an interesting idea, and is what Nokia does on their Symbian platform in the newest releases.
    The problem with Nokia is that they don't trust their customers to make the decision, so every app needs to be signed by Nokia before it will run.
    This has the advantage that it will be difficult to create and spread malware, but the drawback that it is much more difficult to create your own applications.

  • by LinuxDon ( 925232 ) on Thursday August 07, 2008 @07:36AM (#24508139)

    Antivirus software in most cases isn't going to do anything if there is no signature in their database matching the program being downloaded/executed.

    If you write a virus yourself, the signature won't be in the scanner and therefore it will not detect it.

    So: If you want to install a keylogger on someone's computer without the scanner detecting it, then write it yourself and you'll be sure it'll slip right past the scanner.
    Therefore: We can conclude that a virus scanner doesn't nearly provide the kind of protection it claims to provide.

  • by Opportunist ( 166417 ) on Thursday August 07, 2008 @12:54PM (#24511819)

    Depends on your definition of dangerous. Sasser and Mydoom were certainly dangerous, and were both (one certainly, one likely) developed by a single person without any direct financial interest. Their danger simply lay in the ability to spread insanely quickly even when people didn't actively support the propagation of the malware, due to the ability to spread the worm through bugs in remote procedure call routines.

    For some financial damage, you don't need good writers. Actually, a lot of the current malware is by no means any more sophisticated than the average business application, with a few routines thrown in for hiding and propagation, which have been written once and are now being jumbled by some other third party stealther program to avoid too easy detection. Malware isn't an artform anymore. Analysis of current trojans is tedium. Not a challenge. Very rarely you get some really cool polymorph on the desk, but they're few and far between, usually the rate is about one or two a year. The average trojan today is a variant of something, you can even trace families through the dead code that's still cluttering today's malware, old code that was used a year ago but has no meaning due to changes made to make detection harder, or because the malware got some new task altogether. Recently I analyzed a spambot that was developed out of a bank phishing tool.

    Detach yourself from the idea that malware is something some geek with good ASM knowledge makes. You have groups of coders with varying skill, working together. You have a few good coders that create the stealthing and infection code, and others with less skill who take this and build the "working" part on top of that. Often you can even see that they simply copied some sample code and adjusted it for their uses.
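
An added example, not part of any comment in this thread: two comments above describe exact signatures missing unseen code and analysts tracing families through leftover dead code. The sketch below contrasts a whole-file hash signature with byte n-gram similarity on constructed placeholder bytes; the sample data, family names, window size and threshold are all assumptions made for illustration.

```python
import hashlib

def filler(label: str, size: int) -> bytes:
    """Deterministic stand-in bytes; constructed data, not real malware."""
    out, i = b"", 0
    while len(out) < size:
        out += hashlib.sha256(f"{label}:{i}".encode()).digest()
        i += 1
    return out[:size]

def exact_signature(sample: bytes) -> str:
    """Whole-file hash: the strictest kind of database signature."""
    return hashlib.sha256(sample).hexdigest()

def shingles(sample: bytes, n: int = 8) -> set:
    """All n-byte windows of the sample."""
    return {sample[i:i + n] for i in range(len(sample) - n + 1)}

def similarity(a: bytes, b: bytes) -> float:
    """Jaccard similarity of the two samples' byte n-gram sets."""
    sa, sb = shingles(a), shingles(b)
    return len(sa & sb) / len(sa | sb) if sa and sb else 0.0

def classify(sample: bytes, known: dict, threshold: float = 0.3):
    """Return (exact_hit, closest_family_or_None, best_score)."""
    sig = exact_signature(sample)
    exact_hit = any(exact_signature(ref) == sig for ref in known.values())
    family, score = max(((f, similarity(sample, ref)) for f, ref in known.items()),
                        key=lambda pair: pair[1])
    return exact_hit, (family if score >= threshold else None), score

# Constructed samples: a shared block of leftover code plus differing payloads.
LEFTOVER = filler("leftover-routines", 256)
KNOWN = {
    "family-A": filler("payload-a", 128) + LEFTOVER,
    "family-B": filler("payload-b", 384),
}
VARIANT = filler("new-task", 128) + LEFTOVER   # same lineage, new payload
UNRELATED = filler("unrelated", 384)

if __name__ == "__main__":
    for name, s in [("variant", VARIANT), ("unrelated", UNRELATED)]:
        print(name, classify(s, KNOWN))
```

The variant has no exact-hash match, yet its leftover block still places it closest to family-A, while the unrelated sample matches nothing.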
