Return-Path: <sentto-279987-5021-1027395806-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Mon, 22 Jul 2002 20:47:08 -0700 (PDT) Received: (qmail 30285 invoked by uid 510); 23 Jul 2002 03:42:35 -0000 Received: from n8.grp.scd.yahoo.com (66.218.66.92) by all.net with SMTP; 23 Jul 2002 03:42:35 -0000 X-eGroups-Return: sentto-279987-5021-1027395806-fc=all.net@returns.groups.yahoo.com Received: from [66.218.66.96] by n8.grp.scd.yahoo.com with NNFMP; 23 Jul 2002 03:43:26 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_7_4); 23 Jul 2002 03:43:26 -0000 Received: (qmail 53920 invoked from network); 23 Jul 2002 03:43:26 -0000 Received: from unknown (66.218.66.216) by m13.grp.scd.yahoo.com with QMQP; 23 Jul 2002 03:43:26 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.scd.yahoo.com with SMTP; 23 Jul 2002 03:43:26 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g6N3jH405561 for iwar@onelist.com; Mon, 22 Jul 2002 20:45:17 -0700 Message-Id: <200207230345.g6N3jH405561@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 22 Jul 2002 20:45:17 -0700 (PDT) Subject: [iwar] [fc:Hacking.in.the.name.of.security] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=5.0 tests=DIFFERENT_REPLY_TO version=2.20 X-Spam-Level: Hacking in the name of security <a href="http://www.cnn.com/2002/TECH/internet/07/20/hackers.meeting.reut/index.html">http://www.cnn.com/2002/TECH/internet/07/20/hackers.meeting.reut/index.html> CNN via Reuters 'A little odd sometimes, but very, very smart' July 20, 2002 Posted: 8:45 AM EDT (1245 GMT) NEW YORK (Reuters) -- Barry "The Key" Wels picks locks for the sport of it, but also to make a broader point. He fiddles with tumblers and cracks safes for fun, and to alert the security industry to the weaknesses of many locks, which serve as a bulwark of society's physical safety. Locks, whether keyed or combination, melt like butter in his hands. Lock pickers and safecrackers share with computer hackers a common fascination with exposing security "vulnerabilities." The fraternity of security violators surfaced at a rare meeting of the U.S. computer underground in New York recently that drew 2,000 Internet enthusiasts and security professionals. "It's real easy, it's real addictive ... to open a lock in two or three pops," said The Key, who is also an active computer hacker and cryptology buff. He's just one of the scores of speakers to discuss in intimate detail how one can beat the security systems found on computers, networks, telephones, radios, encryption, office security cards, keypads as well as doors and bank safes. The event has a curriculum of borderline criminal computer skills like no school on Earth. It's not every conference where a speaker asks his audience: "How many people have written a computer virus before?" and several hands shoot up. This may strike the casual observer as a school for scandal in the spirit of Moliere or Dickens. But the event is seen by many sober-minded computer experts who attend it as essential information-sharing, a test of the health and security of an open society. The logic follows that the best way to defend against viruses is to learn how to write one. Such frank discussion of security vulnerabilities is viewed as the final defense against really dangerous computer attacks or online privacy invasions. "It tells you where the state of the art is, or at least where 90 percent of mainstream hackers are headed," said a U.S. Navy computer intelligence officer, who goes by the online pseudonym of "NetSquid." The three-day conference known as H2K2 -- short for Hackers 2002 -- was organized by the publishers of 2600, a magazine sold in suburban bookstores that celebrates the culture of computer hacking. To preserve anonymity and draw the largest crowd, no names are taken at registration. "There is no other meeting in the world where you run into more elite hackers," said the Navy computer expert, who asked that his real name not be used. "What really startled me is how upright they are. Quirky, a little odd sometimes, but very, very smart," he said. The agenda is located on the Web at http://www.h2k2.net. Computers, a hacker's caffeine The hacker crowd draws lots of teen-agers and twentysomethings, some with blue hair, others wit h peach-fuzz still on their cheeks. They mix with 50-year-old hippies who in some cases got their start breaking into old Ma Bell phone systems, years before computers went mainstream. Men (and boys) outnumber women (and girls) roughly 20 to 1 at the event. Participants share a love of all things electronic and gadgety. Many say their interest in computers started young, when alienated from a wider culture that lacks their easy facility with complex numbers. They found meaning and community online, in the cloak and dagger world of computer security. The audience drinks in computer screens, with a passion that most people reserve for slurping their first cup of coffee in the morning. "I've got to get on a computer or I'm going to die," one fish-out-of-water complains as he hurries between meetings. Mike Glaser, a sales representative in the access control device industry, stands out from the slacker crowd with his slick-backed hair and two-piece suit. He cautions listeners during a presentation on his latest product line-up that, "Everything has it's weaknesses. If you can find it, you are going to be a very rich, or a very jailed person." "You didn't hear it from me," said Glaser after revealing a security detail known largely only to industry insiders. Noticeably absent is any sign of the police, although participants commonly believe that there are government agents circling in their midst. The conference program warns: "This hotel is our home for the weekend and there will be more authority types in proximity than you can imagine." Studying crimes to thwart them The participants are defensive about being labeled bad guys, just because they like to break into places. "We explore and you call us criminals. ... Yes, I'm a criminal, my crime is that of curiosity," said "Mentor", a hacking pioneer whose real name is Lloyd Blankenship. The Texan wrote "Conscience of a Hacker," which has become a kind of credo for young hackers since he wrote the essay in 1986. He gives an inspirational pep talk to hundreds of adoring spectators, some of whom were not yet born when he wrote his passionate defense of the art of exploring computer systems. But for all their efforts to whip up positive feelings about the art of the break-in, there is a level of paranoia that goes with the territory. "It's best to change all your passwords after you leave this conference," one teen-age hacker helpfully advises a bystander at the conference. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Will You Find True Love? Will You Meet the One? Free Love Reading by phone! http://us.click.yahoo.com/7dY7FD/R_ZEAA/Ey.GAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT