Well it is summer here in Delhi, India and hacking season has just begun.
Some noteable hacks that have already played-
1) The adventures of Sony Websites and bumbling administrators
2) The loose passwords of InfraGard as played by Lulz Security
http://www.computerworld.com/s/article/9217320/LulzSec_claims_it_hacked_FBI_linked_organization
3) PBS website hacked to revive Tupac is alive myths.
http://blogs.forbes.com/andygreenberg/2011/05/30/pbs-hacked-after-critical-wikileaks-show/
4) Iranian computers hacked
5) Google hacked (not by China)
http://www.zdnet.com/blog/security/google-chrome-hacked-with-sophisticated-exploit/8626
6) Google hacked (again by China)
http://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html
7) US State Department hacked (by you know who)
8) Iranian nuclear reactors hacked (old news but we like this one)
http://www.bbc.co.uk/news/technology-12465688
9) Julian Assange hacked
http://www.guardian.co.uk/media/2011/feb/07/julian-assange-prosecutor
okay Julian got hacked by the oldest hack trap in the world but it is still pertinent.
So how the fuck do we control these evil hackers.
- Show them money
- Show them Jesus
- Throw them in Jail
The correct solution to bring talented members of the technical community back into the nice air contioned corporate tent of technology is to-
- Sponsor Hack My Website Contests- Winners have to share techniques
- Sponsor Hack this Search Engine Rank Contests- Winners have to share technique
- General Amnesty for people who have hacked before provided they share techniques and agree to join security teams.
- Sponsor hack this login id contests- Winners have to share techniques and work to develop fool proof system.
Unfortunately this will never happen. even the big grand Daddy , Google is willing to define hacking contests only in the narrow frame o technical hacks, rather than a system breach hack. Because system breach hacks generally happen at the people level.
Internal cover your assets mentality prevents technology and media employees from reaching out and helping create a secure online platform, thus harming shareholders.
Destruction testing (even in a controlled sandbox) of online systems would reveal the underbelly of corporate information technology.
I mean who wants to sponsor a hack contest that makes you look bad, when it is much more expensive to have a hacking attacks that decreases share price, but doesnot affect your salary.
We have gone in for crowd sourced coding.
How about incentivizing crowd sourced systems design for secure and free internet.
http://rewiredstate.org/ does it.
Apparently UK is more open for hackers than the US.
–
Coding a Better Country
May 7th, 2011 sees the first Rewired State ALBA event out in Norfolk. More details here.
March 26, 2011
We are very excited about our THIRD National Hack the Government Day, being held on the 26th March.
1) Apps that save money or time or both for government/citizens/business
2) Best use of crime data (the prize will contain the number 300,000, but it won’t be pounds)
3) Best use of justice data (we’re working to arrange for previously unreleased data to be available on the day)
——————————————————————————
Any takers? Julian, ?
DECISION STATS 