Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(National Journal)   It's the darndest thing, but somehow, after a decade of treating the most innocent hackers as dangerous felons, the US finds itself with a terrible shortage of cybersecurity experts to help it fight off new IT attacks by foreign cyber-criminals   (nationaljournal.com ) divider line
    More: Obvious  
•       •       •

3652 clicks; posted to Geek » on 25 Feb 2013 at 2:55 PM (3 years ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



Voting Results (Smartest)
View Voting Results: Smartest and Funniest


Archived thread
2013-02-25 03:21:15 PM  
6 votes:

EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.


and that attitude is why we are up shiat's creek today.  A majority of the hacker community used to probe system vulnerabilities out of sheer curiousity as to how they worked, (doing so for personal gain was considered the height of bad taste)  and they freely communicated thier findings to their targets who were able to use that information to improve security.  Back in the day most exploits were discovered and patched long befor ethey were actually used by someone with malicious intent.  Now, in an era where "jailbreaking" you phon eis a potential felony, such lines of communication have dried up, and the Chinese military is having a feild day with our infrastructure
2013-02-25 03:04:16 PM  
5 votes:

EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.


Can't tell if trolling or pathetic dolt.
2013-02-25 03:09:37 PM  
3 votes:
Once again the security state screws itself, don't you feel safer?
2013-02-25 09:52:10 PM  
2 votes:
Maybe they should stop investigating the white hats they asked to help them too.  *Grumble grumble personal experience rabble rabble*
2013-02-25 07:34:43 PM  
2 votes:

MrEricSir: [img705.imageshack.us image 193x263]

Go on, subby. Tell us more about this "decade" of the government mistreating hackers.

While you're at it, tell us what it's like being born in the 90's.


I just came here to question subby's "decade".   I was fiddling with things in the mid to late 80s that taught me a lot, but that could have gotten me sent to juvey or federal prison (depending on how late in that decade).  When I read about Mitnik and (especially) others getting the book thrown--- no, getting slammed over the head by The Book, I decided to adopt a (mostly) more traditional approach to my studies.

/still keep a recent release of Backtrack Linux handy
//only for the purposes of Good
2013-02-25 06:40:10 PM  
2 votes:
There's probably a lot of legitimate, legal career options available for very skilled hackers in the USA.
In China, probably not so much. That, and there's very little chance of the authorities knocking on your door for cracking into some company in the USA.

They're definitely on the right track by identifying potential hackers at an early age. I think the really skilled ones start early and are very dedicated creatures.
2013-02-25 05:35:21 PM  
2 votes:
I'm sitting here surfing Fark at the RSA Security Conference (http://www.rsaconference.com/) with thousands of cyber security experts so I'm really getting a kick...
2013-02-25 04:08:51 PM  
2 votes:
If only there were some Men dressed in black suits from the NSA who could say "Son, we can make all this unpleasantness go away if you just do a little work for us."

I'd do it, but I'd just look like some aging Blues Brother in that black suit.
2013-02-25 03:32:38 PM  
2 votes:

torusXL: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

Can't tell if trolling or pathetic dolt.


You say that like there's a difference.
2013-02-25 03:08:07 PM  
2 votes:

torusXL: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

Can't tell if trolling or pathetic dolt.


never attribute ...
2013-02-25 03:03:43 PM  
2 votes:

EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.


Actually, I was a legal hacker back in the day - originally it meant somebody who 'hacked' their own stuff, such as a car, to improve performance, looks, whatever.  When I did it it was that I would edit stuff on my own computer to get it to do what I wanted.  I never went for unauthorized access on other systems.

We need the white hats though; people who understand computers at a deeper level and know the methods that could be used to get in, so we can prepare defenses.
2013-02-26 04:33:43 PM  
1 vote:

Magorn: The fed gov has one of the most robust telecommuting policies in the world.  Allowing workers to work from home where practicable is now mandatory and agencies are measured on thier progress towards to goal of having at least 1/3 of thier work force work remotely, hell GSA is now building new offices on the "hotelling model" with no asigned desks and significantly fewer desks than permanent employees to force the issue.


Very good. I believe this fulfills your monthly brown nosing quota. Please fill out FORM-BN-99 (sections 3.1B and 4.5A only. The rest are deprecated after Order 72-B came into effect). Upon completion, submit to your supervisor and you can expect immediate praise and have comfort knowing that you are 2.5% closer to your next promotion!
2013-02-26 04:23:52 PM  
1 vote:

meyerkev: NostroZ: e-christ: asdfbeau: we appreciate that you've spent the better part of your life working to understand every new system possible, and unlock capabilities that were either overlooked, or intentionally hidden...want to move to VA, DC or MD and spend the rest of your life monitoring 1 system and sending emails to some geriatric type-d when something turns the color red?

Sounds like the perfect job!  You can even do it from home... FARK on the beach is calling your name.

Well, it's the government, so that's not an option.  It's more like a constant continuous battle to get something, anything done against the flow of paperwork and sloth, as you work in a highly regulated environment run by officious, nit-picking idiots.

/Seriously, if I took a 40% pay cut just to avoid corporate bureaucracy  imagine how much of one I'd take to avoid government.
//Being able to wear a hoodie and jeans to work is totally worth it.


The fed gov has one of the most robust telecommuting policies in the world.  Allowing workers to work from home where practicable is now mandatory and agencies are measured on thier progress towards to goal of having at least 1/3 of thier work force work remotely, hell GSA is now building new offices on the "hotelling model" with no asigned desks and significantly fewer desks than permanent employees to force the issue.
2013-02-26 08:03:38 AM  
1 vote:

RatOmeter: MrEricSir: [img705.imageshack.us image 193x263]

Go on, subby. Tell us more about this "decade" of the government mistreating hackers.

While you're at it, tell us what it's like being born in the 90's.

I just came here to question subby's "decade".   I was fiddling with things in the mid to late 80s that taught me a lot, but that could have gotten me sent to juvey or federal prison (depending on how late in that decade).  When I read about Mitnik and (especially) others getting the book thrown--- no, getting slammed over the head by The Book, I decided to adopt a (mostly) more traditional approach to my studies.

/still keep a recent release of Backtrack Linux handy
//only for the purposes of Good


Backtrack is very useful for ensuring your own company is PCI DSS compliant.
2013-02-26 08:01:23 AM  
1 vote:

HotIgneous Intruder: This is because most intelligent creative people don't want to work in the imperial security apparatus and those who do can't pass a security clearance investigation and the rest are just half smart authoritarian followers.


Actually it's because most people simply can't do compsci. Their brains just aren't wired that way.
2013-02-26 03:08:16 AM  
1 vote:

EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.


The word you're looking for is "cracking". This is short for "criminal hacking", and there is a reason why that is not a tautology.
2013-02-25 10:20:44 PM  
1 vote:
The guv'ment actually has a program where they're giving CS and CpE students (BS and MS) 1-2 year full scholarships if they concentrate on cyber security and work for a federal agency (or a federally funded lab) for at least the length of their scholarship afterward. It was originally called the Scholarship for Service, but then they changed it to the sounds-more-like-something-out-of-a-Hollywood-hacker-movie title CyberCorps. The program only has a few hundred graduates each year, but they're all going into federal cybersecurity jobs. I'm a bit surprised the article didn't mention this at all; they're putting millions of dollars into the program (I think the budget this year was something absurd like 20 or 40 million for a program that gives them about 300 graduates a year)(but I could be remembering that number wrong).

 

asdfbeau: we appreciate that you've spent the better part of your life working to understand every new system possible, and unlock capabilities that were either overlooked, or intentionally hidden...want to move to VA, DC or MD and spend the rest of your life monitoring 1 system and sending emails to some geriatric type-d when something turns the color red?

all you have to do is pass a polygraph and let us contact anyone who's ever known you


Yep... that pretty much sums it up.
2013-02-25 08:52:49 PM  
1 vote:
We're trying to hire people in this area right now (like i got out of an interview with someone 10 minutes ago kind of right now).

It is EXTREMELY hard to find people.
2013-02-25 08:52:26 PM  
1 vote:
Black, white or gray? Sometimes, the hat color depends on who's paying for what.

Qualys makes some very legit tools that can make life very interesting depending on a number of things.
2013-02-25 08:06:16 PM  
1 vote:
we appreciate that you've spent the better part of your life working to understand every new system possible, and unlock capabilities that were either overlooked, or intentionally hidden...want to move to VA, DC or MD and spend the rest of your life monitoring 1 system and sending emails to some geriatric type-d when something turns the color red?

all you have to do is pass a polygraph and let us contact anyone who's ever known you
2013-02-25 07:20:31 PM  
1 vote:

KawaiiNot: K011K172^D11Y010010^D00 1X1


Whoa. Fark hates binary I guess?

You know what...I have a skillset perfect for cyber security and used to have a security clearance so probably could get it renewed...but I have a good job and I don't want to move to DC or wherever. Let me work from home Feds and then I'm all yours!
2013-02-25 06:55:12 PM  
1 vote:

SteakMan: /drtfa
But when I was seriously considering the FBI for employment around 2003, the starting pay was only $45K and you have to live where ever they send you.

I can understand them needing to re-locate you, but I really hope they are offering more to get the needed talent out of the private sector.


That wasn't bad starting income in 2003.  Well, it isn't so bad considering it is starting salary only and that your alternative is working perhaps 45 years in the private sector.  Consider that as a non-agent, professional staff, you can retire after 20 years if you are 60 or after 30 years after age 50.    So you start at age 25, "retire" at age 55 and start your own security consulting business while collecting your retirement check.  Also, consider that your FBI  IT job might be the one that doesn't get exported to places where there are people just as smart as you willing to work for 1/4 the salary.  The pension may only be 25% of your working salary (there's a formula you can find online), but nobody else gets a pension at all any more.  Not real people anyway.  I wouldn't at all say you personally made the wrong decision, but consider that you would have ten year in already had you went the FBI route.

Who I think really screws up is people (like my bro and others i've known) who enter the military and get out in 4 or 5 years.    If you'renot getting shot at, you only had 15 to go until you retire - WTF!  If you are getting shot at you might have even fewer years to go until you "retire". ..
2013-02-25 05:40:50 PM  
1 vote:
/drtfa
But when I was seriously considering the FBI for employment around 2003, the starting pay was only $45K and you have to live where ever they send you.

I can understand them needing to re-locate you, but I really hope they are offering more to get the needed talent out of the private sector.
2013-02-25 04:51:20 PM  
1 vote:
anfrind:


CSB: when I was in high school (class of 2002), my school purchased a bunch of new computers running Windows 98 and a third-party security program called Fortres, to keep students from doing anything they shouldn't do. It was a terrible security program, not so much because it was easy to disable, but because it made a lot of basic tasks (like accessing a floppy disk or a CD-ROM) nearly impossible.

As a result, when I made a boot floppy that could automatically "patch" any of those computers so that Fortres couldn't run (and thus the computer would work like a standard Windows 98 PC), a lot of teachers were actually quite happy to have it. The school's IT guy wasn't so happy, but he didn't freak out over it.


Also a CSB:

In the late 80's I ran the computer labs at a small college, and shared an office with two hardware techies. During the summer we tended to have a lot of time on our hands, so of course we used it to mess with each other... Stupid stuff like changing one's desktop to a photoshopped picture of the victim having sex with a horse, or writing a program that randomized all the colors on their desktop.

One of the techies decided to install a "fortress" type program to lock us out of his machine, which would have been fine except he still kept messing with ours. That would not stand.

We (quite justifiably) argued that he had to give us access to the terminal software on his machine, since he was the only one with a modem. And then I wrote a little TSR keylogger program, uploaded it to the other tech's BBS, where he renamed it ZMODEM.EXE and we re-downloaded it on to our victim's machine and executed it.

When he came back from a service call and typed in the master password, it was copied to the laser printer by my desk. When he went to lunch we changed his master password to "knobhead" (nod to the BOfH)

We figured we'd let him stew overnight. He genuinely believed that he had forgotten the password, evidently he was changing it daily because he was so paranoid.

The next morning we found out that he had spent all night wiping and rebuilding the machine. Ooops. We never did tell him what happened, but he never did re-install that fortress program.

/ Old CS,B.
2013-02-25 04:29:24 PM  
1 vote:

Vast and Trunkless: I know! Why don't we get a bunch of technically illiterate lawyers to reform the legal code!

And since they're technically illiterate, maybe we could have thm be informed by whatever interest groups have enough money to hire someone to inform them on all the important matters! Maybe even draft some legislation for them! What could possibly go wrong?


Zoe Lofgren's been working with actual competent technical people on overhauling the CFAA. It's probably still open for comments.
2013-02-25 04:22:01 PM  
1 vote:
This is because most intelligent creative people don't want to work in the imperial security apparatus and those who do can't pass a security clearance investigation and the rest are just half smart authoritarian followers.
2013-02-25 04:12:08 PM  
1 vote:
Kinda the approach Stalin took with his generals prior to WWII.
2013-02-25 04:11:22 PM  
1 vote:

neversubmit: Marcus Aurelius: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

I have hacked many many devices.  And they were all mine.  But you are correct, I am hardly "innocent", especially considering what I did to Becky Turner back in high school.

go on...


Oh you know all those toys with easy to reach PCBs and no-name palm-pilot knock-offs were just the tip of the iceberg...
2013-02-25 04:03:44 PM  
1 vote:
The cries of "How dare he mess with a highly sensitive system"  always seem funny to me.   Mainly because people like to criminalize people who "do things" to their "stuff".       And they want to be able to see these "bad people" so they can be bought to justice.

People like to use the "If a door is locked and you open it its a crime, it should be the same for a computer"  argument. The one thing people fail to realize is that the lock on your door has had hundreds of years to reach a point where it is considered a strong measure of security.

Is it a crime?  To the letter of the law, yes.   However, we have been missing out on these chances to improve and improvise because we believe ourselves to have nothing left to learn and nothing to improve upon.     Instead everything is a knee jerk reaction to maintain the status quo in the name of safety as if we feel that we have innovated enough.  So now you have these hackers outside the US... mostly untouchable, who have been able to innovate and continue to grow and they have gotten very very good.    Hopefully this serves as a wake up call.
2013-02-25 04:00:51 PM  
1 vote:
There are no "Hackers" and there is no "Hacking" going on.

Now go back and vote more creationists in to your Congressional Science Committee, and be sure to buy more guns because the mean ol' guv'mint said you cant.
2013-02-25 03:49:58 PM  
1 vote:

MrEricSir: Magorn: MrEricSir: [img705.imageshack.us image 193x263]

Go on, subby. Tell us more about this "decade" of the government mistreating hackers.

While you're at it, tell us what it's like being born in the 90's.

Mitnick 's  weak sauce defense of "well I only used SOCIAL engineering to steal passwords and entirch myself, not software." doesn't make him much of martyr, and when he started farking with the e-911 system, what was his "white hat" intent?

No, what makes him a martyr is being jailed for years without trial.


You mean after he broke his probation he got automatically sent to jail for the remainder of his original sentence without further trial?  If that makes him a martyr, half the US prison population is right here with him.  Mitnick was a classic example of Snowflake Syndrome: he figured he was so bright that the rules simply didn;t apply to him, and so he was reduced to whining about how horribly UNFAIR it was when the government insisted that they actually did.  Did the prosecution go overboard?  Yes, yes they did, but as a former criminal law attorney, I'll let you in on a little secret: they ALWAYS go overboard,   but when they are charging a big scary black guy with 100 counts of possession with intent to distribute because they busted him with one key of crack, you cluck and say "if you can't do the crime, don't do the crime".  It's only when the hamme of "justice" comes down on someone you can identify that you start looking into how unfair it all is and come away believing how uniquely screwed the guy in that one case was.

Mitnick enriched himself off his hacking, that makes him a thief not a hacker in my book
2013-02-25 03:43:34 PM  
1 vote:
Was "Dumbass" tag unavailable? Talk about a war to lose, they've alienated anyone local who might help and were getting pounded on the foreign front.
2013-02-25 03:41:15 PM  
1 vote:
I think it would help if people dropped the zero tolerance policy.  There have been a few stories on fark where a hacker has reported a flaw in a company's security and been brought up on charges for it.
2013-02-25 03:38:51 PM  
1 vote:

Magorn: MrEricSir: [img705.imageshack.us image 193x263]

Go on, subby. Tell us more about this "decade" of the government mistreating hackers.

While you're at it, tell us what it's like being born in the 90's.

Mitnick 's  weak sauce defense of "well I only used SOCIAL engineering to steal passwords and entirch myself, not software." doesn't make him much of martyr, and when he started farking with the e-911 system, what was his "white hat" intent?


No, what makes him a martyr is being jailed for years without trial.
2013-02-25 03:27:29 PM  
1 vote:
Zero Tolerance in schools spills over into HR departments, and this is what happens. any questions?


/The only people allowed in most companies these days that have records are the CEOs.
2013-02-25 03:26:59 PM  
1 vote:

MrEricSir: [img705.imageshack.us image 193x263]

Go on, subby. Tell us more about this "decade" of the government mistreating hackers.

While you're at it, tell us what it's like being born in the 90's.


Mitnick 's  weak sauce defense of "well I only used SOCIAL engineering to steal passwords and entirch myself, not software." doesn't make him much of martyr, and when he started farking with the e-911 system, what was his "white hat" intent?
2013-02-25 03:24:21 PM  
1 vote:

itstehpope: torusXL: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

Can't tell if trolling or pathetic dolt.

I'd go with dolt myself.  Too many people claim to know all about hackers and whatnot but have no idea why I giggle when someone has a voice vlan of 2600...


I know a ton about hackers, man; I even watched that one documentary that had a young Angelina Jolie.
2013-02-25 03:10:36 PM  
1 vote:

torusXL: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

Can't tell if trolling or pathetic dolt.


I'd go with dolt myself.  Too many people claim to know all about hackers and whatnot but have no idea why I giggle when someone has a voice vlan of 2600...
2013-02-25 03:09:54 PM  
1 vote:
The only real difference between a good sys admin and a hacker is who signs their paycheck.

They both use the same linux boot disk to recover passwords, they use the same network port scanning tools, etc.
2013-02-25 03:09:15 PM  
1 vote:

torusXL: EvilEgg: There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.

Can't tell if trolling or pathetic dolt.


"There is no such thing as an "innocent" shooter. Shooting is illegal, unless you are doing it for the government. This is true about many aspects of warfare.
2013-02-25 02:46:37 PM  
1 vote:
There is no such thing as an "innocent" hacker.  Hacking is illegal, unless you are doing it for the government.  This is true about many aspects of warfare.
 
Displayed 41 of 41 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter






In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report