August 5, 2008
Black-Hat Hacking 101: College Professor’s Course in Defeating Security
California professor George Ledin doesn’t mind if his students write viruses, worms, and spyware, or spam email and bulletin boards. After all, he shows them how to bypass security wares to do such dirty work. And security software companies like McAfee are pissed, since the reportedly $5 BILLION (US) spent by companies on anti-malware packages is being rendered into money down the toilet.
That’s the point. Ledin compares the current “security” market to the cryptography scene some decades ago when the NSA ran the scene. Eventually, that technology was made publicly available to make online shopping possible. The anti-malware codes, however, are kept under corporate lock-and-key thanks to the Digital Millennium Copyright Act of 1998, and the likes of McAfee and Symantec are showing no signs of letting their “trade secrets” loose.
But Ledin’s goal goes beyond making the corporate wares useless, he wants his students to think like the enemy to better devise solutions to the growing malware threat:
“Unlike biological viruses, computer viruses are written by a programmer. We want to get into the mindset: how do people learn how to do this?”
While he admits that what he teaches can do harm in the wrong hands, Ledin also believes that his course can lead to a more open (or maybe open-source) anti-malware package that’s more complete than the legacy technology being offered and used.
Only one question I have is this: WHERE DO I SIGN UP???