Forgot your password?
typodupeerror
Programming

Facebook Helps Give Hacking a Good Name Again 52

Posted by Soulskill
from the that's-our-word dept.
Hugh Pickens writes "Ira Winkler says whenever he sees another 'cyberchallenge' getting play in the press, he think our priorities are screwed up. 'People seem to think that organizing teams of people to hack into systems is a way to bring together the best computer talent to square off against each other,' writes Winkler. 'I look at it as a waste of that talent.' That's why Winkler supports Facebook's latest Hacker Cup, which has become one of the few tests of creative computer talent. Facebook is using the original definition of 'hacker,' referring not to someone who breaks into computer systems, but rather to an individual who 'enjoys exploring the details of programmable systems and how to stretch their capabilities.' Facebook's contest consists of successive sets of increasingly difficult algorithmic problems. Scoring will be based on how accurately and quickly the programmers complete the puzzles. 'Meanwhile, the media effectively lionize groups like Anonymous by breathlessly reporting on their latest hacks,' writes Winkler. 'What we really should be doing is not to reward a handful of students to find problems, but to train all students, and inevitably the profession, to integrate security into their efforts from the start.'"
This discussion has been archived. No new comments can be posted.

Facebook Helps Give Hacking a Good Name Again

Comments Filter:
  • Question... (Score:1, Offtopic)

    by jcreus (2547928)
    Why in red?
    • by jcreus (2547928)
      Clarifying, it was in red on the first page. Now it's not. Can anyone explain me this? Thanks.
      • Re: (Score:3, Informative)

        by Anonymous Coward

        If you are signed in and seeing it before it posts to the front page for every else that doesn't have an account or signed in, you will see it in red. It will also say as a time "Mysteriously in the future".

        Nathan

      • by mcgrew (92797) *

        The ones in red are ones not everyone can see yet. If you're a subscriber, you see stories before they're posted for everyone, giving you a chance to RTFA first. If you see a first post that isn't a joke or a troll, it was probably posted by a subscriber. I'm guessing they posted it seconds before you hit the link, or you wouldn't have been able to comment.

  • What makes for a more interesting story: script kiddies taking down a CIA webpage, or some computer geeks getting together to see who the best geek is?
    I know what I think is the more interesting story, but I'm sure common folk would disagree.
    • by tnk1 (899206)

      People care about what affects things they either are experiencing or they at least know something about. While a best geek contest would interest me (depending on what the competition was, of course), it may as well be a contest between stamp collectors for anyone outside those familiar with hacking/geek culture.

      • This, plus the fact that scare headlines like HACKERS pwn teh Facebooks, the world as we know it is collapsing, we are all DOOMED tend to draw exponentially more attention than any alternative (albeit true) story.

  • HBGary? (Score:5, Informative)

    by jginspace (678908) <jginspace AT yahoo DOT com> on Wednesday January 11, 2012 @09:28AM (#38662478) Homepage Journal

    Meanwhile, the media effectively lionize groups like Anonymous by breathlessly reporting on their latest hacks,' writes Winkler.

    Well you've got to admit the HBGary hack, as reported by arstechnica [arstechnica.com], was pretty damn cool.

  • by Robadob (1800074) on Wednesday January 11, 2012 @09:32AM (#38662502)

    This seems like bad timing for me/other uk students. Most of us are going to be having exams during the period which it is set, e.g. the qualification round is 20th-23rd of January, and then i have 2 exams on the 24th and 26th of January so it looks like i won't be signing up for this.

    • by jginspace (678908)

      This seems like bad timing for me/other uk students. Most of us are going to be having exams during the period which it is set, e.g. the qualification round is 20th-23rd of January, and then i have 2 exams on the 24th and 26th of January so it looks like i won't be signing up for this.

      You Brits have got the GCHQ contest [slashdot.org] - you lucky buggers!

  • by eexaa (1252378)

    I always thought hackers made furniture using an axe. What is this computer stuff anyway?

    • by sycodon (149926)

      Since I started in computing in 1980, I can't remember when the term Hacker meant anything other than someone taking something and "hacking" or, making changes, to something so that it performed its original function differently or performed an entirely new function. Almost always these were done with illicit intentions.

      Ask any non-computer person who writes the stuff that breaks their computer, steals their data and/or money and they'll say "Hacker".

      I'm afraid Hacker will always be associated with people t

  • by lightknight (213164) on Wednesday January 11, 2012 @09:50AM (#38662608) Homepage

    We've done this before -> the best h@x0r$ aren't the people beating their chests, sporting security credentials, hanging out at DefCom, taking down websites, or playing '5 minutes in heaven' with the 3-letter agency people. And they typically aren't the people who have an entire bookshelf devoted to books that actually mention hacking / cracking in the title. The dangerous people are the ones who have the dog-eared copy of Fundamentals of UNIX Programming sitting on their desk; they aren't using the hack of the week, or someone else's 0-day to compromise a system -> they know how the system actually works, all of its strengths and weaknesses. It's like the difference between some poor slob who bought a gun and keeps it in the front part of his jeans, and a trained Marine with his trusty hunting rifle.

    Programmers themselves can be scored in several different categories, and it often takes a weird grouping off them to pull off anything outstanding. Knowledge of computing, theory of computing, theory of application, pragmatic programming, knowledge of the programming language / linguistics, mathematics, advanced problem solving, advanced research, imaginary problem solving, and lore of computing. I may have missed a few. Good luck getting all 10s in every category.

    Security, by the way, is taught; it's simply not emphasized to the exclusion of other subjects. Most CS students know where the security holes, the major ones, can occur when it comes to programming. However, it's simply not cost-effective to chase down every last security issue (it could take years to release a product).

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I call BS. Most CS students DO NOT know where the "major ones" are. It is thought processes like this that lead to compromised systems in the first place.

      As for the "cost-effective" argument, tell that to HBGary, or Sony, or any one of the hundreds of businesses that no longer exist. Tell that to the businesses that won't exist 2 years from now, and will never even know why. The really good compromises aren't detected, or if they are, are interpreted as minor ones.

      • Yes, they typically do. It usually starts and ends with, "You know what, I think I will program this next application, I think I'll use C / C++ / PHP / MySQL." ;-)
        They learn about buffer overflows the first time they make getline / cin / (it's been a while) choke or die on some input, they learn all about SQL injection attacks when one of their webpages forgets to escape hyphens before running a query, and they learn the value of username / password security the first time they accidentally leave their user

        • Re: (Score:2, Troll)

          by Phreakiture (547094)

          If you believe you are running an OS that cannot be cracked / that is secure, feel free to post your IP address to some of the more interesting forums on the internet; with a minimal install, it might take them a week or so to crack; with a full install, and a fair number of normal services running, it might take several minutes.

          Well, I'd say /. is one of the "more interesting forums on the internet" so here you go: 127.0.0.1. Have at it. I dare you.

          • Dude, there is tons of porn and movies at that IP address you gave me.

            And as it just so happens, they also use my username / password for the login credentials. Keanu Reeves -> Whoa!

  • The announcement page has a link to the problems from last year's qualification round [facebook.com], but that leads to a sign-up page for the contest. I'm curious to see the problems, but not planning to compete. Can someone who's already signed up post them here, and save the rest of us some time? Cheers.

    • by Anonymous Coward

      Double Squares

      A double-square number is an integer X which can be expressed as the sum of two perfect squares. For example, 10 is a double-square because 10 = 3^2 + 1^2. Your task in this problem is, given X, determine the number of ways in which it can be written as the sum of two squares. For example, 10 can only be written as 3^2 + 1^2 (we don't count 1^2 + 3^2 as being different). On the other hand, 25 can be written as 5^2 + 0^2 or as 4^2 + 3^2.

      Input
      You should first read an integer N, the number of tes

    • You've been given a list of words to study and memorize. Being a diligent student of language and the arts, you've decided to not study them at all and instead make up pointless games based on them. One game you've come up with is to see how you can concatenate the words to generate the lexicographically lowest possible string.

      Input
      As input for playing this game you will receive a text file containing an integer N, the number of word sets you need to play your game against. This will be followed by N word s

  • by sgt scrub (869860) <saintium@yahoEEEo.com minus threevowels> on Wednesday January 11, 2012 @10:39AM (#38663036)

    Hacking: Using your capabilities to gain access and explore an unknown programmable system.

    Cracking: Using knowledge of existing tools and systems to gain access and exploit a known programmable system.

    • I'd say that's a fair way to define it. It seems that our culture is beginning to label anything a hack these days, even accessing someone's Facebook when they're not looking.
    • Hacking: Using your capabilities to gain access and explore an unknown programmable system.

      Actually, for old-timers (and many still at MIT), hacking can imply getting access and exploring just about any kind of system, even gaining physical access and exploring. (Hence, the "hacks" at MIT which have involve placing objects in inaccessible places, etc., which comes from a culture of "hacking" (i.e., exploring) the rooftops, basement tunnels, and other parts of MIT campus.)

      But "hacking" in the early days did seem to be associated with certain types of electronic systems, notably telephones and t

      • Actually, here's a good overview of the origin at MIT, from someone who was writing about it in the mid-80s, when "hacker" first had gained significant media currency in the negative sense:

        http://www.cs.berkeley.edu/~bh/hacker.html [berkeley.edu]

        A ``hacker'' is... someone who never goes to class, who in fact sleeps all day, and who spends the night pursuing recreational activities rather than studying.

        What does this have to do with computers? Originally, nothing. But there are standards for success as a hacker, just as grades form a standard for success as a tool. The true hacker can't just sit around all night; he must pursue some hobby with dedication and flair. It can be telephones, or railroads (model, real, or both), or science fiction fandom, or ham radio, or broadcast radio. It can be more than one of these. Or it can be computers.

  • I'm sick of this Hugh Pickens spammer being constantly posted on Slashdot with the lamest of lame stories. How much is he paying them for all this air time? Or is it a straight up blackmail operation? No wonder CmdrTaco left.

    • by jginspace (678908)

      http://slashdot.org/slash-stats/week

      Hugh Pickens: 9 this week from 18 submissions

      http://slashdot.org/slash-stats/month

      Hugh Pickens: 34 this month from 59 submissions

      theodp: 18 this month from 31 submissions

      smitty777: 18 this month from [less than 32] submissions

  • I'm glad to see Facebook promoting creative computer exploration. I think that the true spirit of hacking is being lost in the new definitions of our modern society. Anonymous and LulzSec make headlines for DDOS attacks which don't really count as hacking. The great hacks these days are often made without fanfare when a Hacker exploits a system or piece of code with his natural creativity, and it is often for positive rather than negative ends.
    • by rta (559125)

      I'd be much more impressed if Facebook actually got their own house in order. Every programmer who writes a 3rd party app for facebook is a hacker because that's what it takes to get something to work and keep working on there. Their platform is terribly documented with documentation that isn't just incomplete but actually wrong and misleading. They change stuff randomly without any announcement. They regularly break things with their weekly updates. They take weeks and months to acknowledge bugs and t

      • You make a fair point. Facebook is not really my favorite company, but at least this is a nice move. However unimportant it might be. But yes... Facebook has serious issues to work through.
  • I'm not sure exactly why Mr. Winkler thinks computer security is a waste of computer talent, but that solving social media programming puzzles is not. While I'm not enough of an expert to see how algorithmic programming challenges relate to security, it seems to me that probing existing security systems (which, as far as I know, is an accepted and common practice, from which a lot of good can be derived) is more directly important than what is essentially a competitive Project Euler. However, it is understa
  • We're taking it back!

    And just like "Porch Monkeys", the idea that someone would be so attached to using "Hacker" as a positive is hilariously absurd.

  • How is associating themselves with Facebook supposed to give anyone a good name?

Stupidity, like virtue, is its own reward.

Working...