Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Education

After-School Hacking Special 287

securitas writes "The NY Times writes about an after-school program that teaches teenagers how to hack, attack and defend systems. There doesn't seem to have been the same uproar as the virus-creation course at the University of Calgary (see previous Slashdot thread), even though the participants in Tiger Team (the name of the program) are younger than the university students."
This discussion has been archived. No new comments can be posted.

After-School Hacking Special

Comments Filter:
  • Cool Idea (Score:3, Informative)

    by (54)T-Dub ( 642521 ) * <tpaine.gmail@com> on Wednesday June 04, 2003 @12:56PM (#6116749) Journal
    Sounds like a very interesting program. If someone is serious about system security, this seems like the best way to learn.

    I think the program directors argument should qualm any skeptics.

    "Some of them grilled us pretty heavily on the concept of, 'Well, aren't you training hackers?' " he said. "I go, yeah. I have a black belt in martial arts. If I wanted to be a bad guy, I could go and hurt people. But I don't do it. That's not the emphasis of the program."
    • Re:Cool Idea (Score:2, Interesting)

      You don't teach people how to create security systems by teaching them to break into bad systems.

      You teach them to comment their code, watch the buffers and never let programs leave the box unless you absolutly have to.

      This whole hacker mythology is poor.
      • Re:Cool Idea (Score:5, Interesting)

        by ceejayoz ( 567949 ) <cj@ceejayoz.com> on Wednesday June 04, 2003 @01:19PM (#6117000) Homepage Journal
        If it's their own code, yes. What these kids are being trained to do is find holes in other peoples' code, so a company can fix the insecurities.

        There's a good reason people are getting paid $90,000 a year to hack into computers of big companies, despite your scepticism.
      • Re:Cool Idea (Score:5, Insightful)

        by FroMan ( 111520 ) on Wednesday June 04, 2003 @01:21PM (#6117028) Homepage Journal
        In a really simple contrived world maybe.

        Explaining a buffer overflow and actaully programming one are two different things. And programming an expliot for one drives the idea home even better.

        I'm not saying that they should be trying to hack nsa.gov or something. However, when you actaully have a chance to play with a virus or recent exploit in a controlled environment you will get a better understanding.

        That is why folks honeypot and such. They can actually figure out what are the techniques used in the wild and how to defeat those techniques.
        • Re:Cool Idea (Score:5, Interesting)

          by CrayzyJ ( 222675 ) on Wednesday June 04, 2003 @01:39PM (#6117213) Homepage Journal
          Mind if I back this up for you, FroMan?

          My Prof in Netprog showed us a old version of some crappy software (that has been since been repaired). He then installed the code on a server and proceeded to hack into the machine. Seeing this live demo followed up by code analysis REALLY hit home buffer overruns. I really believe this made me a better programmer.

          In this case, we learned to "hack" but there was certainly no harm and no foul. I remember to check/fix overruns, but I would have to check my notes on the steps for hacking it.
      • Re:Cool Idea (Score:5, Insightful)

        by deke_2503 ( 569986 ) on Wednesday June 04, 2003 @01:25PM (#6117065)
        I disagree. Ever argued with a not-so-bright programmer about why ANSI C is better than Borland C, or Microsoft C? They don't care, they don't understand, and all your arguments of "It's better because it's...uh...standard!" fall on deaf ears. Or have you tried to convince someone to write standardized HTML so that you don't need IE to render it correctly?

        Most people don't care about theoreticals. They care about what they can see and what affects them. If you show them their page in Lynx and Mozilla and Opera, perhaps they will understand the need for standardization. If you show them that no one else can compile their program, they might start writing standardized code.

        The point is, people aren't going to understand that they have hackable systems unless you hack them and say, "Look what I found!" By proving the flaws in their systems you inspire them to fix them, creating secure systems.

        Like they say, there's no teacher like bad experience.

      • Re:Cool Idea (Score:5, Informative)

        by Bodrius ( 191265 ) on Wednesday June 04, 2003 @01:28PM (#6117093) Homepage
        Of course, if you're teaching programmers that's the way to do it. But programmers are not the ones who deal with security problems every day, SysAdmins do.

        Typically a SysAdmin staff does not consist of programmers, and even if they are programmers, their job is not to write the security-intensive code and send the company to bankruptcy while they re-implement the OS, the terminal emulators, the network protocol, etc. Their job is to solve problems using the most efficient solution, and this often includes using other people's already developed, tested, code.

        Their job is to install it, configure it, manipulate it and understand at a high level how it works; and when things inevitably go bad, minimize the damage and fix it quickly.

        Learning to predict HOW things can go bad would help a lot.

      • Re:Cool Idea (Score:3, Insightful)

        ChrisNowinski said: "You don't teach people how to create security systems by teaching them to break into bad systems.
        You teach them to comment their code, watch the buffers and never let programs leave the box unless you absolutly have to.
        This whole hacker mythology is poor."

        I agree. Instead of teaching people how to hack systems, wouldn't it make more sense to teach them how to set up firewalls properly, restrict setuid, restrict the number of services running, set up a patching strategy, and run an intr
        • by TedCheshireAcad ( 311748 ) <ted AT fc DOT rit DOT edu> on Wednesday June 04, 2003 @02:43PM (#6117872) Homepage
          What would this interview look like with a smart/tech-savvy HR Drone?

          HR Drone: "So I see you've done an after school program on hacking"

          Kid: "Yes, that's correct. I am a security expert because of it."

          HR Drone: "...So you're a tool"

          Kid: "Well actually sir, I am trying to be a security professional."

          HR Drone: "...So you're a tool"

          Kid: "In this program, sir, we learned the most advanced techniques for securing today's modern computer systems."

          HR Drone: "So you've mastered Windows Update?"

          Kid: (blushes and stares at feet) "...yeah"
        • by PurpleFloyd ( 149812 ) <zeno20@ a t t b i.com> on Wednesday June 04, 2003 @03:13PM (#6118263) Homepage
          Nice troll, but the "Visual Basic development tools" reference put you over the top into unbelivability.

          And to commence feeding: your comment on hacking experience being bad is totally groundless: I wouldn't trust an architect who couldn't tell me the points in a building vulnerable to bombing, and I wouldn't trust a sysadmin who didn't have at least a basic knowledge of hacking techniques.

    • Re:Cool Idea (Score:2, Interesting)

      by tomhudson ( 43916 )
      ... And your first assignment, kids, is to hack into the schoolboard payroll system and give me a raise. First one in gets an "A".

      Doesn't matter what the emphasis is from the instructors' point of view, all it takes is one script-kiddie to hack a site, and the teacher (and by extension, the school) are up for both civil lawsuits and criminal liability (contributing to the delinquency of a minor, etc).

      Especially since he agreed that he was teaching kids to hack.

      Remember, just because you CAN do something

      • Re:Cool Idea (Score:5, Insightful)

        by ceejayoz ( 567949 ) <cj@ceejayoz.com> on Wednesday June 04, 2003 @01:21PM (#6117026) Homepage Journal
        Chemistry classes teach kids how to make explosive materials, physics classes teach the physics of crushing someone's head in with a bowling ball. No court would find them responsible, unless the teacher was encouraging activity.

        From what the article says, he's strongly encouraging ethical behavior. Personally, I wish I had something like this in high school.
        • Re:Cool Idea (Score:5, Insightful)

          by tomhudson ( 43916 ) <barbara@hudson.barbara-hudson@com> on Wednesday June 04, 2003 @01:33PM (#6117145) Journal
          <quote>Chemistry classes teach kids how to make explosive materials, physics classes teach the physics of crushing someone's head in with a bowling ball.</quote>

          I don't know where you went to school, but most of my chem classes were equations, and we never did get to try the "crushing head with bowling ball" in physics. Head-crushing was kind of frowned upon, both during and outside of school.

          If he was really into encouraging ethical behaviour, he'd first teach them the difference between hackers and crackers.

          Then, you've got to keep in mind how insecure most school networks are, and how unsophisticated most adult users at schools are:

          Q: What's your password?
          A: 'password'/'my name'/'my birthdate'/it's written on the post-it on/under/beside the monitor/keyboard/mouse

          Sort of like mixing matches and gasoline. It's not a question of 'if' there's going to be a fire, but 'how badly are you going to get burned'.

          • Re:Cool Idea (Score:2, Insightful)

            by JordoCrouse ( 178999 )
            Sort of like mixing matches and gasoline. It's not a question of 'if' there's going to be a fire, but 'how badly are you going to get burned'.

            You don't seem to have alot of faith in the next generation, or indeed in your fellow human beings. You expound a tired point, which has been used by the less clueful of the world to stop everything from sex ed to skeet shooting.

            The point of this class is twofold - first, much like a karate or skeet shooting class, to teach respect and self control for the skill
            • And you (perhaps purposefully) miss my point entirely. Schools have the weakest network security going. Don't like a teacher? Dump some porn into their folders and rat 'em out. Don't like your grades - change your marks. Don't like another student - ditto. Erase/modify lesson plans.

              <quote>you will always have hackers, just like you will have always (sic) pregenant (sic) teenagers</quote> - and your point is? Sure' we'll always have kids screwing around, that doesn't mean we encourage it on sch

        • http://www.cnn.com/2003/LAW/05/21/ctv.matrix.insan ity/index.html

          There's been cases where defense lawyers faulted the movie "Matrix" for murders so I wouldn't be suprised if the lawyers fault teachers for hacking and bombing cases.
        • Re:Cool Idea (Score:5, Insightful)

          by Bodrius ( 191265 ) on Wednesday June 04, 2003 @01:42PM (#6117238) Homepage
          Not to mention other activities which just as often don't encourage self-control, such as physically intensive competitive sports.

          I think the teacher found a very adequate metaphor: when you teach martial arts you're teaching ways to hurt, and sometimes kill. There is no doubt this sort of knowledge can be misused to hurt people; it was perfected for that purpose.

          Yet it is also taught and learned mostly for other reasons: for self-defense, for sportsmanship, for physical and/or psychological self-improvement. Sometimes kids are taught martial arts to (gasp!) teach self-control, responsability and discipline.

          Society trusts that kind of training because the ethics and discipline are ingrained in the practical teaching, it's not just a chapter and a lecture in the curriculum. Perhaps a similar approach can be used for something like this.

        • by deadsaijinx* ( 637410 ) <animemeken@hotmail.com> on Wednesday June 04, 2003 @01:50PM (#6117314) Homepage
          Like the time I stole the magnesium strips from the chem class and lit my dads car on fire. I said it was the chem teachers fault, but NOOOO, somehow it was MY fault. Damn system fails again.
      • Re:Cool Idea (Score:2, Interesting)

        by Ryan Amos ( 16972 )
        Yes, but any security professional worth his salt knows how to hack. You have to know how to break the system in order to fix it. This includes probing your own code for holes; Microsoft could use people like this to just sit there and pick away at IIS (or some such server software) and find the holes before the software is released. This way nobody else finds them first. Of course, the potential for abuse is high, especially among high school kids, who have no fear of breaking the law, so I don't know that
        • <quote>You have to know how to break the system in order to fix it</quote>

          Actually, that's not quite true. If you've learned how to write good code, and you review someone else's, and it looks like something the dog barfed out, you'll recognize that, because it "just looks bad".

          You'll be suspicious, you'll want to replace obscure/unclear/weird code with clean code. You won't have to test the existing code for buffer overflows, for example, or freeing objects multiple times, because your rewrit

    • I think the program directors argument should qualm any skeptics.

      "Some of them grilled us pretty heavily on the concept of, 'Well, aren't you training hackers?' " he said. "I go, yeah. I have a black belt in martial arts."


      And then he opens up a can of serious whup ass and shuts them up!
      : )

      Hehehe, take THAT skeptics!
  • Yeah! (Score:5, Funny)

    by grub ( 11606 ) <slashdot@grub.net> on Wednesday June 04, 2003 @12:57PM (#6116756) Homepage Journal

    Yeah! Finally we after-schooler AD&Ders have a group nerdier than us to beat up!
  • mmmm yea (Score:4, Funny)

    by nege ( 263655 ) on Wednesday June 04, 2003 @12:59PM (#6116780) Journal
    I would have loved to go to a highschool offering programs like this. It really would have given me something to do other than being a marching band dork. On the other hand, band was one giant orgy, so maybe its best that I stayed away from computers at that point in my life.

    And one time... in band camp... we hacked the white house and asked GWB if he was out of TP.
    • Re:mmmm yea (Score:2, Funny)

      by Anonymous Coward
      On the other hand, band was one giant orgy

      Were you boys all playing the skin flute?

    • Heh, marching bands, helping ugly people get laid in high school since 1903.
  • Now that.... (Score:5, Insightful)

    by Chris_Stankowitz ( 612232 ) on Wednesday June 04, 2003 @12:59PM (#6116787)
    Now that all the other social issues that teens face have all been meet head-on and dealt with, its good to see us turning our attention to more meaty topics.

    Little Johny: Hey, Jimmy try this script out. First one is free tell your friends.

  • Could be useful (Score:5, Interesting)

    by paranode ( 671698 ) on Wednesday June 04, 2003 @01:00PM (#6116796)
    If you educate talented kids on how to defend systems you could produce some very valuable assets to the future security community. Learning how to hack goes hand in hand with learning security because you need to have the same level of knowledge as the hackers (preferably better). If they can see the profit potential of using this knowledge for good then they will probably be swayed from the dark side.
  • by billstr78 ( 535271 ) on Wednesday June 04, 2003 @01:01PM (#6116798) Homepage
    After learning how to break systems fom a prominate IDS designer, I can honestly say that I will design much more secure systems myself. Becuase of my age, I don't feel the need to go out and try what we learned on real systems to see if I can cause havoc.
    However, I wonder why the adults behind this "after school program" think that kids will have the same degree of responsibility that university students do when learning these things. What is to keep them from going out and writing viruses, unleasing them upon the Internet and generally causing lots of trouble after learning how to "protect" systems.
    • An interesting point. With University students, namely engineers, they are required to take at least one, sometimes several ethics courses designed to encourage responsible practices later on in their careers.

      Hopefully, something similar will be put in place for these highschool students, though it may not be as effective due to the generally lower level of maturity.

      • I doubt that ethics courses will really help all that much. As a medical researcher, I've been forced to sit through any number of such classes. I don't think any of them taught me anything I didn't already know, except how to comply with innumerable arcane Federal regulations (which is useful, but isn't really the same as ethics anyway). Most of the ethics components offered useful advice like "Don't lie to your patients." (I never would've thought of that, and now that you've told us, I'm sure all the
        • My engineering ethics professor told us that when we get our first job, we shouldn't try to impress them by "volunteering to all sorts of activities when they are proposed. Instead, don't do any work that's not specifically assigned to you, because the moment you show them that you're competent with other duties, they'll start assigning them to you and you'll never get any free time."

          Granted...that wasn't part of his actual lecture, it was during his Pre-Lecture Ramblings(tm). Still, I didn't think it w

    • It's good to know you considered it useful. I've been completely amazed at the uproar over U of C's virus course. (I'm considering taking it but it doesn't fit into my schedule well. :( ) All these threats like "don't apply for a job here if you took the course". And beautiful circular arguments like "Only bad programmers write viruses so if you take the course you are a bad programmer". Very interesting.
    • I was watching a documentary about teenagers on TLC or Discovery a few months back. They had studies that suggested the part of the brain enables you to predict the consequences of your actions may not develope until the end of puberty . Thus teenagers may be irresponsible becuase their brains are wired that way.
      • How'd this documentary explain the existence of so many responsible teenagers? There are a lot of kids who never got in any serious trouble, are good students, etc.
        • I believe the point was that most teenagers act irresponsible at least some of the time. If you never did anything out of line when you were a teenager then I think you were in the minority.
          • Most adults act irresponsibly at least some of the time.

            If you never did anything out of the line after your second decade of life, then I think you're in the minority.

          • I believe the point was that most teenagers act irresponsible at least some of the time.

            Yeah, but in my opinion, I figure that if that were due to actual phisiological differences you'd have a much smaller minority of kids that were aware of consequences. And I think there are too many "good kids" to set them out as outliers. Rather, although most teenagers do some things wrong from time to time, I think there is a small minority of kids that, for example, get in trouble with the law, or do things that

    • Becuase of my age, I don't feel the need to go out and try what we learned on real systems to see if I can cause havoc.

      So you're saying that it's your belief that older man cannot be unethical?

      However, I wonder why the adults behind this "after school program" think that kids will have the same degree of responsibility that university students do when learning these things. What is to keep them from going out and writing viruses, unleasing them upon the Internet and generally causing lots of trouble aft

    • by EinarH ( 583836 ) on Wednesday June 04, 2003 @01:30PM (#6117127) Journal
      What is to keep them from going out and writing viruses, unleashing them upon the Internet and generally causing lots of trouble after learning how to "protect" systems.
      The same thing that keeps 18-20 years old men fresh out of the military from creating havoc with a weapon: Ethics.

      Most modern civilised societies today train *thousands* of young men to kill, wound, stab and inflict damage on others. Despite this, rarely does it happen that these people use their skills after-hours in an inappropriate way. Of course there are exceptions, for example people with mental illness etc.

      Personally, I have a fully automatic rifle with XXX numbers of shoots stored in my home provided to me by the government. I could easily create a mess with this weapon, or with a shotgun or a pistol I own privately. Despite this I don't.

      As long as the individuals/persons that are taught these skills are enough mature and they are taught ethics and the difference between right and wrong I don't se the problem.
      After all: Deep inside, most people are good.

      It's better that they acquire these skills in a way that gives someone the possibility to correct bad behaviour right then. And besides that it gives them something they can put on their CV and use to get a white-hat job.
      This is a clear example of a case where the positive effects out-weights the negative.

      • Most people are good. But teenagers typically don't fully comprehend the impact of thier actions. Also the gun analogy is not a valid one. In order to "create a mess" with your firearms, you would have to witness the horror caused by your actions and have a high probability of being caught.
        Cracking computer systems is much different. You can do it from the comfort and privacy of your own home. You don't see the greif your actions causes others. It is traditionally much more difficult to get caught.
  • by Idimmu Xul ( 204345 ) on Wednesday June 04, 2003 @01:02PM (#6116809) Homepage Journal
    didn't have any spinny flaming skulls on it, and their wasnt a single biohazard sign anywhere! :(

    I severely doubt it's integrity and capability with regard to teaching me the kiddie skillz I need to get by on IRC nowadays!

    - DemonShadowHa>0rSpawnNeo

    --------------- THERE IS NO SPOON
    --------------- HACK THE MPAA RIAA AND AA
  • by Anonymous Coward on Wednesday June 04, 2003 @01:02PM (#6116812)
    Timmy: Hi Susie!

    Susie: Hi Timmy! Wanna go get a malted milk?

    Timmy: Nah, I've got something keener to do.

    Susie: What then?

    Timmy: I don't think you would get it.

    Susie: Come on! We're best friends, right?

    Timmy: OK then. I'm gonna go home and hack.

    Susie: (pause) Gosh Timmy! You shouldn't hack!

    Timmy: Why not?

    Susie: Hackers are theives and cost lots of folks money! They're akin to a device that breaks the lock on your house!

    Timmy: Aw shucks, you're so old fashioned. I gotta go, see you tomorrow.

    [ Susie walks away sadly. ]

    [ The next day... ]

    Teacher: Rodney?

    Rodney: Here.

    Teacher: Susie?

    Susie (sadly): Here.

    Teacher: Timmy?

    [ silence ]

    Teacher: Susie, do you know where Timmy is?

    Susie: I sure do, Mrs. Martin. He went to jail.

    [ murmurs from the classmates ]

    Susie: He was downloadin' music and stuff, and he got caught. He's really in a darn pickle now.

    Teacher: Class, let this be a lesson to you all. Good kids don't hack. If somebody asks you to hack, just say, "I don't hack. That's whack."
  • NY Times was hoaxed. A yet-to-be-identified prankster took a script for Mary Kate and Ashley action cartoon about an evil-kids hacker school, and submitted it to the Times as a press release.

    And now the story is being spread as true!
  • by mustangsal66 ( 580843 ) on Wednesday June 04, 2003 @01:04PM (#6116827)
    It's great to teach others, but without the background, or the teaching of consequenses (I can't spell worth a damn), that could bite the school in the arse.

    • There are plenty of people (and dare I say many of them read and post on this very site) with the expertise to teach this kind of material, but who believe that an insecure system is an open invitation to wreak havoc on it. Hiring a responsible teacher is equally, if not more, important than making sure that the right messages are part of the cirriculum.
    • doesn't that go with writing? science? Archery? etc...

      I mean if we didn't teach kids to read and right we could control them better.
    • If you would have RTFA instead of blindly commented on asmething that is clearly stated, you would have seen the paragraph
      "The students are getting a good dose of ethics along with some sobering words about legal repercussions. Scheduled guest speakers include a lawyer and a police officer, and Mr. Robinson is hoping to recruit a speaker from the Federal Bureau of Investigation."
      near the bottom.
  • by Trent Polack ( 622919 ) on Wednesday June 04, 2003 @01:05PM (#6116852) Homepage
    I'm still of the mindset that the best way for high school kids to learn things is on their own. No matter what, throughout high school, the most I learned was all on my own time. I didn't have ANY courses in my school about anything related to computers (except a "typing" class), so, in an effort to actually try and challenge myself, I ordered a few books off of Amazon.com, and taught myself C++. And, I think that if I had access to a class that simply taught C++ with proprietary textbooks and software, I wouldn't have appreciated the experience nearly as much.
    • <quote>(except a "typing" class) </quote>

      ... that's waht all the guys did in my old school too (typing instructor was also girls' gym teacher, all the guys thought she was hot, none of the girls could get into the class, since we scarfed all the places).

      Now if the stupid school could make the difference between hackers and crackers ...yeah, like that's ever going to happen - sigh - :-(

    • Exactly right! High School is depressing to me because I'm not learning anything by going to school seven hours a day with some boneheaded Education major "teaching" a class.

      My school [fortbendisd.com] has an AP Computer Science class. The textbook is the most pitiful book I have ever read. Its written by some idiot named Schram. It was often wrong and it was hard to read (because he obviously doesnt know what he is talking about).

      Crappy books and teachers are a major problem with public school. Something needs to be done
      • Oooo, "C++ For You++"? All the people who I've talked to with APCS used that book. I hated that damn thing.... And of course the APCS curriculum is many years out of date; not one program I turned in didn't use the deprecated include style. And when created, the STL hadn't been standardized, so instead of learning vector, list, stack, queue, string, etc., we had to use AP versions of the above (apvector, apstack...). Which meant I took a semester corse in college that was essentially a repeat of the second
  • ...in school and already being turned into fully fledged FTGs (Furry Toothed Geeks).
    Watch this get shut down the instant some newly initiiated script kiddie hacks the school computer systems and defaces their website... The web's greatest game is free again, www.planetarion.com [planetarion.com] to sign up!
  • Wow (Score:5, Funny)

    by stratjakt ( 596332 ) on Wednesday June 04, 2003 @01:07PM (#6116869) Journal
    Tiger team.

    Anyone else see visions of the football team, glee club and chess team in an ad-hoc alliance, beating the living shit out of the "tiger team"?
    • Re:Wow (Score:2, Funny)

      by stanmann ( 602645 )
      Anyone else have visions of the football team, glee club and chess team mysteriously flunking all their classes?
  • by Brushfireb ( 635997 ) * on Wednesday June 04, 2003 @01:08PM (#6116887)
    I'm curious where they get their teachers. In order to make this program worthwhile (IE - the kids learn something about security), you would need someone with some significant experience and knowledge.

    I know that I was in high school a few years ago, the head netadmin/sysadmin was worse than pitiful, a MS Certification only type of person. The only systems he ever hacked into were those in a computer game. Granted, I did go to private HS, and IT was not at the top of their budget priorities.

    Regardless, it brings up a good point of having competent people teaching these types of classes, and how difficult it is for schools feeling the budget crunch to find competency.
  • Great Idea. (Score:5, Insightful)

    by twitter ( 104583 ) on Wednesday June 04, 2003 @01:09PM (#6116894) Homepage Journal
    Everyone has lots to learn and the instructors here know it. This is not how things have worked elsewhere. At least that's how I've heard some "computer" classes go here in Baton Rouge high schools. The kids are banging around with Slackware and Gentoo, while the teachers try to master Front Page. None of those cluefull kids bother with the class. Other programs, such as the one at Baton Rouge High, let the students loose on a BSD network and let them do what they please. If the program listens to their students, they might all learn something.

    We can then hope that industry picks these students up and listens to them. Some companies [microsoft.com] won't like what the clueful have to say about their software. But every other company in the world needs to hear it.

    • Some companies [Microsoft] won't like what the clueful have to say about their software. But every other company in the world needs to hear it.

      Good. The more such hacking and virus writing schools will be around the world the less chances Windows will have to survive on the market.

      All other OS vendors (including/especially OS teams) are adapting quickly (Apple even abandoned their old crap in a favor of BSD), while Microsoft still sticks to the old mix of DOS and VMS.

      Of course the law also will catch

  • Ari Fleischer (holding hands over ears): "What's that horrible noise?"

    Server Tech : "I don't know, sir! It started about 3:15 pm - right after school got out..."

    Webserver: "We're gonna ZOOM, ZOOM, ZOOMA, ZOOM..."
  • by thbigr ( 514105 ) <thebigr314@NOsPam.gmail.com> on Wednesday June 04, 2003 @01:15PM (#6116963) Journal
    *sigh*

    I can remeber when I used to say I was a hacker and that was a good thing. That was back when hacker was closer to the dictionary, a hacker or hack was someone who worked long hours.

    This grumpy old man moment was brought to you by...
  • by nametaken ( 610866 )
    Wasn't everyone throwing a fit about N.Korea doing this, in a slashdot article this week?
  • this is very good (Score:5, Interesting)

    by newsdee ( 629448 ) on Wednesday June 04, 2003 @01:21PM (#6117032) Homepage Journal
    I can relate to this from personal experience.

    During my high school years, I had been banned for a time from using computers at the school library, only because of my programming knowledge was superior to that of the teacher of Computer class (this was 1994 - the guy even thought the Net was an useless fad!). Rumor must have spread that I could hack a machine by looking at it, or something of the sort, since they didn't want me near a two-meter radius of any terminal. At first I didn't give a damn since I limited my computer stuff to home and that class...

    However at some point the professor hired some "security expert" consultant to assess threats to the network, and my name appeared on top of a list of people who allegedly had "hacking tools" in their network space. This was too much (I only used it for school papers, and I could prove it) and I had to go to the professor and threaten to sue for libel. Of course I didn't had to go so far, since the professor apologized, removed my name for the list, and restored my normal access to the library computers. Since then I didn't have any problems (even the librarians asked for help afterwards).

    What the moral of this story? Ignorant professors == bad news. If kids are smart enough to want to learn hacking, or programming, then they should allow their creativity to be expressed. Or else you will fall into idiotic situations like what I have lived.

    PS: As a matter the fact the professor, much to his credit, at some point offered to create a "Linux club" (1995). However, the college grad supposed to sponsor the club dissapeared after the first meeting... so we never had anything... :-( [we theorized that he learned afterwards that Linux was Haxx0r material, so he banned it, but we'll never know for sure :-) ].

  • by zptdooda ( 28851 ) <deanpjm&gmail,com> on Wednesday June 04, 2003 @01:24PM (#6117057) Journal
    This sounds like the North Korean story from a few days ago, so here are lines from both stories and you can guess which article the students are from:

    - "White-hat Hackers" or "Cyber terrorists"
    - "hunger stricken" or "fortified with pizza"
    - "another weapon" or "band of pickpockets"
    - "creating mischief" or "training hackers"

    Not a fair comparison, I know. All of the above is out of context.
  • by Robin Edman ( 648579 ) on Wednesday June 04, 2003 @01:25PM (#6117070)
    ... what a hacker is: http://catb.org/~esr/faqs/hacker-howto.html
  • by jamesmartinluther ( 267743 ) on Wednesday June 04, 2003 @01:28PM (#6117094) Homepage
    While many adults want to shelter our children from anything that may harm them, I would advocate teaching children (at an appropriate age) how to responsibly make use of dangerous tools. These would include using a firearm, various contact sports, martial arts, chemistry, computer security, and so on. Of course, there are morons who will mis-apply their karate or hacking skill, but then there will be many more trained peers to counter them.

    If everyone is equally stronger and more knowledgable, the entire system is stronger. The world cannot be populated with softies who leave security to the "experts".

    - James
  • Contact Info?? (Score:4, Informative)

    by thrillbert ( 146343 ) * on Wednesday June 04, 2003 @01:38PM (#6117204) Homepage
    Anyone have any contact information? I am actually interested in pursuing something like this in my area. Give the teens something to do this summer.

    ---
    It was a book to kill time for those who liked it better dead.
  • At least college students are (hopefully) smart enough to want to learn something serious about computers. With highschool kids, 95% of them would be content with having a button saying "break into someone's system" that would do just that. However, we hope that in our nation's universities, students are taking the computer classes because that is the field they would like to go into, and as such they will refrain from doing stupid things. My college offers a security class, but there is no way to take it b
  • by fjaffe ( 469551 ) on Wednesday June 04, 2003 @01:55PM (#6117382)
    If anyone has any questions about the Tiger Team, I am on the Board of Directors and would be glad to answer them.
  • by thepacketmaster ( 574632 ) on Wednesday June 04, 2003 @02:07PM (#6117526) Homepage Journal
    I don't necessarily see a problem with this. How many 'white hat' do the same things every day in test labs and for clients? This could be good career training for them. However, I've observed kids often view hacking, etc as something cool to do, without thinking of the consequences. While they're running this program, they should be teaching ethics and legality. Otherwise these kids might take this program as a license to hack.
  • Great idea- (Score:4, Insightful)

    by Mu*puppy ( 464254 ) on Wednesday June 04, 2003 @02:09PM (#6117558)
    -for the teacher involved as well. Not only can the teacer gain more knowledge about tools and methods, but the teacher also has the oppurtunity gain the RESPECT of the local script kiddies/hackers, if he/she plays his/her cards right. Most script kiddies/hackers start out with local targets, and considering the age of the kids involved, their current school becomes one of the prime targets.

    Most likely, the teacher involved with a program like this is the defacto 'resident tech' of the school, being the one-person network admin/troubleshooter/etc. Having a face and personality assosciated with 'The Admin, my Enemy' can give a whole new perspective to the 'up-and-coming' hacker. This can be good or bad ('y'know, X isn't so bad, maybe I shouldn't target the school' vs. 'Oh, I -hate- that fscker, time to bring on the hurt'), but at least it can bring up the point that there's a real PERSON behind that box they're hacking. If done right, clubs like this can help cultivate the 'old-school hacker mentality' by having in-depth discussions of ethics, legalities, etc.

    We live in a world where 'morals' are generally defined by social groups. If a kid getting his feet wet is exposed to nothing but script kiddies and their sites, just guess which way he's most likely to turn out...

  • username:anonymoose1 password:aaaaa
  • by Blarfy_Snarflepoop ( 541822 ) on Wednesday June 04, 2003 @03:37PM (#6118473)
    We've released a statement outlining our position [ucalgary.ca]. Happy Reading...

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...