PHYSORG.com – September 30th, 2009 By Bridget Carey

The world of hackers is kind of like the “Star Wars” universe: There’s a light side and a dark side of cracking computers.

Hundreds of hackers on the side of good — or ethical hackers — gathered at the 14th Hacker Halted global conference, held for the first time in Miami, to talk about strategies to thwart cyber terrorists.

Ethical hackers understand how to hack a system in order to better protect against attacks, or to know where the vulnerabilities are in a program.

“A good defense is a good offense,” said Sean Arries, a security engineer at Terremark Worldwide. “If you understand your opponent and you understand how the attacker is going to attack you, then it makes it a lot easier for you to defend yourself.”

Arries gave a cautionary presentation detailing how hackers can take advantage of a vulnerability in Windows Vista and Windows Server 2008, a gateway for hackers that Microsoft hasn’t yet patched.

Arries did a scan of 43,000 domains and found 110 of those sites were vulnerable to that exploit.




  1. bill says:

    Be careful! Remember what happened to Darth Vader!

    Maybe the Jedi are still around?

  2. Greg Allen says:

    “A good defense is a good offense,”

    How did this become conventional wisdom? I don’t believe this at all.

    Offense and defense are two very different strategies and the one does not substitute for the other.

    … sorry for the aside, but it bugs me when people say this because, too often, it leads to bungling that the rest of us have to clean up. Think invasion of Iraq.

  3. green says:

    They all start out with ethics on their mind, then get persuaded by $$$ to work for some offshore casino looking to make it big on betting day.

    When money talks nowadays, ethics take a back seat.

  4. ECA says:

    We could debate this for years, but it already has been debated about WINDOWS and security.

    Let’s go another way..
    DEFENSE isn’t always the best way.. There is also revenge and tracking.

    First let me make 1 point. MOST hackers DON’T make much money, and many of them went to MAKING spam. Making SPAM makes money.

    1 more point. There are different types of hackers, and in this post I would suggest we stick with HARDWARE and SOFTWARE hackers.

    On the HARDWARE side are those that can hack ROUTERS and your PROGRAMMABLE MODEM.
    Software tends to take advantage of Server side, and personal computers.

    There can be an overlap of the 2 as you need to understand how to get AROUND the hardware(sometimes) to get to the software.

    I warn my customers about the net..
    “the net is like SEX with the Best looking Nymph prostitute in the world..
    You better have 3 condoms ON, as she KNOWS what she likes and is VERY BUSY.”
    #1 warning.. DON’T PUSH THE BUTTON.
    Those that listen to #1 seldom see me often.

    I tend to like Spam, and wish I was on this force, as there are a few ways to solve the problem. 99% you can’t track them back (easily) so why not track FORWARD.
    Contact the site you are being sent to.
    CONTACT the ISP.
    CONTACT those in charge of the area(cops/feds/..) and give them the info you have.
    ASK the question..
    ALL spam needs a ref# so they know who SENT you to them so that they can be paid. IF you can get the authorities/ISP company behind you, you can threaten to shut them down or even Limit their access. Just get the account numbers and the bank info.
    Then do the SAME to the bank..you want the Person or the NEXT bank..
    The only time you can actually GET anyplace is if you can get the POWER behind you.

    Hardware hacking is DASTARDLY. It can be done. It isn’t easy and NOT all hardware can be hacked. The problem with UN-HACKABLE hardware is that it CAN’T be updated easily EITHER.
    The main problem is in the structure of the NET and how it was originally designed. It’s TOTALLY hackable. It’s not like you can use caller ID, or Callback verification..

    To fix the net you would have to start from Scratch.
    But to solve about 90% of it..FIX EMAIL.

  5. amodedoma says:

    Clarity in terms please! There is no such thing as a good hacker, they’re known as security experts. I’ve known plenty of those, and I’d rather trust a used car salesman.

  6. ECA says:

    5,
    TRUE..
    Or a decent PROGRAMMER.

  7. agp says:

    “Arries did a scan of 43,000 domains and found 110 of those sites were vulnerable to that exploit.”

    So one quarter of one percent is bad?

  8. Uncle Patso says:

    It should be illegal for any computer that holds confidential data or controls any important process to be connected to the Internet, with double penalties if that computer is running any version of Windows.

