
Hacking Exposed

Benoît Morel, Carnegie Mellon University


Exams


Midterm
Hacking today is very different from what it was at the beginning. The demography of the hacking
community has changed somewhat. But it has maintained some fundamentals.
a) Characterize the way you picture the hacking community today and how it differs from what it
was at the beginning. What do you think are the most salient features which define it?
b) Hackers tend to be (still...) relatively young. They tend to be "untrained" or more exactly self-
taught. Is it fair to say that they represent most of the repository of knowledge in cybersecurity?
Or could you point to other sources of knowledge?
c) Hackers play a central role in cybersecurity: what would you say are their main contributions?

Midterm Answer Key
Hacking today is very different from what it was at the beginning. The demography of the hacking
community has changed somewhat. But it has maintained some fundamentals.
a) Characterize the way you picture the hacking community today and how it differs from what it
was at the beginning. What do you think are the most salient features which define it?
Originally the hacking community was made up of a few individuals. Some were treated as criminals, but
most were happy to be a nuisance or develop malware like Back Orifice, or tools like L0phtcrack
(password crackers). The first sessions of DEFCON were meetings of partygoers, happy to share their
"pranks". Later, when cybersecurity became a serious preoccupation, an interest grew in the hacking
community. The hacking meetings became significantly more formal and changed in nature.
Today hackers are treated either as "experts" or potential criminals. A security industry is trying to build
itself on them. As long as there are innovations in high technology, there will be hackers, i.e. people
who will try to make them do something they were not intended to do.
b) Hackers tend to be (still...) relatively young. They tend to be "untrained" or more exactly self-
taught. Is it fair to say that they represent most of the repository of knowledge in cybersecurity?
Or could you point to other sources of knowledge?
This is the problem. The hackers "know best". But they are not organized and do not have the mindset
to look at their field as a field of knowledge. They tend to specialize randomly in some subfield. They do
not consider it their responsibility to share their expertise. Typically they want to have fun.
There is hardly any other source of knowledge comparable in scope. Academia and engineers try to
approach the problem from a technological point of view. But the attempt to find technological
solutions to cybersecurity problems has had only a marginal impact on the field.
c) Hackers play a central role in cybersecurity: what would you say are their main contributions?
They created the field (for better or worse...). They build most of the security tools, which originally
were designed more to attack than for the purposes they are sold for today (i.e. "penetration testing"
and other defensive purposes).

Final Exam
a) Security tools:
i) Today there is a plethora of security tools. Can you succinctly build a taxonomy of tools?
ii) Can you detect any logic in the way the tools evolve?
iii) What do you think of the possibility for companies such as IOActive or Rapid7 to make a lot of
money in the future?
b) The new Geography of cybersecurity
i) Cybercriminality is a much larger phenomenon than was the case before. Cyberwar and
cyberterrorism are potentially on the rise. All use the hacking culture and tools. In fact they
are modifying these tools to better suit their purpose. Does this mean that the open world
of hackers will become less important?
ii) To what extent do you think the following statement is correct: the hacking community is
not very intensely involved in countering the new cyberthreat. Who else is involved and how
do you see the geography of cybersecurity evolving?
c) Hackers of the future
i) There are several ways to characterize hackers: people with the skill to abuse computers, or
creative thinkers who enjoy the challenge of making computerized systems do something
different from what they were intended to, and more. Which of those descriptions fit best
your view of hackers?
ii) Can you imagine a future world with bio-hackers?

Final Exam Answer Key
a) Security tools:
i) Today there is a plethora of security tools. Can you succinctly build a taxonomy of tools?
There are many tools. But many of them duplicate each other. If one ignores the antivirus software and
intrusion detection devices such as SNORT or Wireshark, most tools were originally designed for
hacking. Many tools are for penetration testing (i.e. identify exploitable vulnerabilities). They look
similar, but they use different methodologies and tend to detect slightly different vulnerabilities.
Despite the very large number, a few progressively stand out as "superior". They tend to be the ones
advocated by Darknet, or Backtrack, for example.
ii) Can you detect any logic in the way the tools evolve?
The evolution reflects a sense of where the new vulnerabilities are, and the progress in the game of
offense-defense being played by hackers and those who try to find defenses. Furthermore, good tools
inspire other tools to imitate partially.
iii) What do you think of the possibility for companies such as IOActive or Rapid7 to make a lot of
money in the future?
A lot depends on what the future of cybersecurity has in store in the world of web applications. It is not
guaranteed that in the future, system administrators will not be able to provide adequate defenses with
cheap or free tools.
b) The new Geography of cybersecurity
i) Cybercriminality is a much larger phenomenon than was the case before. Cyberwar and
cyberterrorism are potentially on the rise. All use the hacking culture and tools. In fact they
are modifying these tools to better suit their purpose. Does this mean that the open world
of hackers will become less important?
It is conceivable that the hackers had their best days in the sun. They will continue to interest. But
society has needs which are completely aligned with the philosophy of hackers. So we should expect a
new source of expertise more dedicated to "security" to emerge.
ii) To what extent do you think the following statement is correct: the hacking community is
not very intensely involved in countering the new cyberthreat. Who else is involved and how
do you see the geography of cybersecurity evolving?
There is a component of cybersecurity (what pertains to cyberwar for example) which will grow in
importance and where the hackers don't have a natural role. Cybersecurity will probably fragment
somewhat in a variety of communities, the hackers being only one of them.

c) Hackers of the future
i) There are several ways to characterize hackers: people with the skill to abuse computers, or
creative thinkers who enjoy the challenge of making computerized systems do something
different from what they were intended to, and more. Which of those descriptions fit best
your view of hackers?
People have different views of hackers. Cybercriminals call for a response from society. Even if the
response is sub-optimal so far, we should expect/hope that it will improve. The other aspect of hacking,
i.e. the systematic exploration of ways to abuse new high tech gadgets, still has a lot of future, as we are
nowhere close to seeing the limits of innovations in the exploitation of computerized devices.
ii) Can you imagine a future world with bio-hackers?
This is an idea suggested by Bill Gates. Bio-hacking would be so different from hacking that it is difficult
to imagine. Considering the danger represented by modified pathogens, the idea that such research
could take place outside of any control inspires serious concerns.
