Saturday, August 8, 2009

Bemoaning the death of Hacker culture

The security industry has changed a lot in the last 5 years. Compared with the past, the industry has a much larger public profile and is much better funded across the board. If we remember the dark ages of 1999, the main reason people chose to get into the field of cyber security was to “live the Hacker culture 24x7”. Let's turn to linkspamopedia for a definition:

"In academia, a hacker is a person who follows a spirit of playful cleverness and enjoys programming. The context of academic hackers forms a voluntary subculture termed the academic hacking culture."

This is the main reason why they prefer the security industry. After completing college, there is a lot of time to develop yourself as a programmer. It’s a very interesting job.


In 2007, I get the feeling that professionals are entering the information security field to become some sort of a "digital security guard". Let's check the definition again:

"A security guard or security officer is usually a privately and formally employed person who is paid to protect property, and/or assets, and/or people. Often, security officers are uniformed and act to protect property by maintaining a high visibility presence to deter illegal and/or inappropriate actions."

As a subscriber to the Hacker culture School of Information Security, if I get an IDS/IPS analyst job, the first thing I am going to do is take my IDS/IPS equipment apart. Blast it with all sorts of horrendously mangled traffic, see what gets by it. I'll try to understand what types of shellcode can defeat its monitoring capabilities. Perhaps it can detect covert channels by looking at the randomness in the distribution of character sets. Perhaps it can't detect a simple shell that is XORed with a predetermined value. You get the idea. I can then apply what I have learned about the chinks in the armor of my primary defensive weapon, so I know which attackers are going to be able to defeat my tools.

A subscriber to the Rent-a-cop School of Information Security will likely spend his first month implementing signatures to catch employees playing fantasy football. He'll push for even more draconian policies to restrict something that is actually useful to the business and poses little to no threat, such as not allowing employees to use non-standard file compression. All the while, the 21st century digital security guard quietly plays fantasy football and runs WinRAR on his corporate laptop. Meanwhile, the Canadian Mafia (yes, there is a Canadian Mafia; no, it's not always the Russian Mafia) snags 21 million credit cards through the IDS/IPS he hasn't bothered to understand.
