PDA

View Full Version : Ethical Hacking?



twomers
06-19-2006, 03:02 PM
So I read this, and I thought "Is this serious!?!?!?!"

this (http://www.theregister.co.uk/2006/06/19/hackers_background/)

Quantum1024
06-19-2006, 03:14 PM
I don't really see anything wrong with this. Hacking in the security sense is simply finding security holes in systems. This course could have been named "secure coding practices" to attract less negative publicity.

twomers
06-19-2006, 03:18 PM
Some google-esque definition of hacking is: Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.

My major amusment in it was the ... non-sensicality (sp?) of it. How can the above be ethical? Don't mention that this isn't a Philosophy Forum please!

Mario F.
06-19-2006, 03:30 PM
The definition is wrong. That is the... popular view of hacking.

Regardless, these students will learn how to use modern hacking techniques in order to create and maintain security systems. It's not novel by any means. Many companies already employ so-called hackers. In fact, you have to know about hacking in order to effectively protect against unauthorized access and use.

SniperSAS
06-19-2006, 03:36 PM
if jesus wanted people to be able to hack he would have given them USB ports thus there is no such thing as ethical hacking

psychopath
06-19-2006, 05:48 PM
Hallelujah brother.

sean
06-19-2006, 09:50 PM
I agree with Quantum1204 - the wording is obviously attracting negative publicity. Considering how easy it would have been to avoid this negative publicity, I am skeptical of the competence of the program's administrators.

Wraithan
06-19-2006, 10:10 PM
Just from my experience, I learned how to do SQL injection in order to prevent and test against it. Along with a lot of other techniques to breaking into databases without permission.

This was all part of learning to code a secure login system for at work.

major_small
06-21-2006, 12:11 AM
"hacking" really just means finding alternative methods of doing something not intended by it's designers.

"cracking" is what you're referring to. That's when you're gaining unauthorized entry, etc. etc.

The best security courses teach you how to break things so you know how to prevent others from doing it.

Wraithan
06-21-2006, 12:19 AM
http://dictionary.reference.com/browse/hacking

definition 3b:To gain access to (a computer file or network) illegally or without authorization: hacked the firm's personnel database.

http://dictionary.reference.com/search?q=cracker

definition 2d:One who makes unauthorized use of a computer, especially to tamper with data or programs.

If people want to get all picky about definitions...

major_small
06-21-2006, 12:59 AM
http://www.cultdeadcow.com/cDc_files/cDc-0037.php

any major hacking group will tell you that definition is wrong.

novacain
06-21-2006, 01:02 AM
Many companies get software tested with a DREAD (and use STRIDE) rating regularly as a requirement by their customers, particularly in financials.

This rating shows how easily (and how much damage) can be done by a hacker of any given experience level.

How is it worked out? By hacking the software.....

Google it....

Mario F.
06-21-2006, 05:09 AM
The hacking versus cracking argument all over again. After so much virtual ink has been spilt over this, and we still have people confusing both words... *sigh*

Has major_small said those definitions are wrong. The term has been abused all over the years and is now mostly widespread. Escpecially by the media. They are the biggest culprits on the destruction of a perfectly acceptable word. You would have to be around during late 80s and early 90s to understand exactly what I am talking about.

There is such a thing as ethical hacking. Capiche?
Many companies hire people to get into their system, exploits their weaknesses and then build the needed security measures.

Welcome to the real world of hackers.

sean
06-21-2006, 06:16 PM
Definitions change, people. If the majority of the world thinks that hacking refers to illegally gaining access to or control of a computer system, who gives a crap what Webster says? People who use the word 'hacking' and are appalled when people misunderstand them need to work on their communication skills.

maxorator
06-28-2006, 05:33 AM
After I learned SQL injections I found several security holes from my web site.
So these things are actually useful for making secure things not only for breaking into non-secure things.

SlyMaelstrom
06-28-2006, 05:55 AM
SQL Injection? I haven't seen that considered cracking in a long time. If you look at a website like http://www.hackthissite.org, their tests are so outdated and simple that you wouldn't be able to crack the simplest of secure web servers. And yet, it's riddled with thousands of kids looking for help on the first test so they can crack their school database and change their grades.

As web security gets more standard, I think attempts at bypassing them will fade. When one type of web security gets cracked, all the sites switch to another. And by the time that's cracked, the first one has updated their security. Even brute-forcing is being taken out of commission with those authorization code pictures. Not to say cracking will go away completely, but it used to seem like the crackers always maintained control, but now it seems like the security is taking it back.

I apologize, I didn't even read the original post and have no comment on it.

joeprogrammer
06-28-2006, 04:13 PM
Background checks? It might do some good. But just try picking up a book about computer and internet security, and they say exactly how to hack a computer, but for a system adminstrator. You do NOT need to take a hacking course to figure out how to hack a computer. Looking at the number of C++ self-taught programmers (me included), the only thing that stops people from becoming hackers turns into more of a moral issue than a how-to issue.

That's my opinion.

Tonto
06-28-2006, 06:04 PM
Just for a funny perspective, here's hackthissite's view on the issue. http://www.criticalsecurity.net/index.php?showtopic=13302

It's a really stupid conversation, but this one is hardly any better.