The hacking hobbyist

Published: 17 March 2001 y., Saturday
Baker, a 24-year-old systems programmer, is part of a group of computer experts who spend their free time trying to figure out potential Internet security threats to large networks. Over the last year, Baker's hobby has led him to technology security lapses at E*Trade, the Charles Schwab brokerage concern, Wells Fargo bank and the Critical Path e-mail service. Baker is a member of a clan known as "gray-hat" hackers, who occupy the ethical territory between the malicious "black hats" and the "white hats," hired by companies to check their own systems' security. Gray Hat protocol is to first notify hacked companies of possible network flaws, and then possibly posting the flaw on Web sites where gray hats exchange trade gossip, as Baker did when he discovered the E*Trade network security hole. The company quickly vowed to clean up the matter after reporters called. In a world where hackers are either jailed or earn thousands in consulting fees, Baker's hobby is puzzling. The online gatherings for this community are places like Bugtraq, run by Virginia-based SecurityFocus.com. Five to 10 network vulnerabilities can be posted on Bugtraq in just one day, said chief technology officer Elias Levy, who estimates the gray hat community numbers 10,000 people, ranging from researchers at well-known labs and universities to amateurs. "People make targets of themselves," said Baker, who says he gave E*Trade months to address the issues before posting vulnerabilities. "If there isn't any press, there isn't any action. It is the key to making the whole plan work."
Šaltinis: nandotimes.com
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.

Facebook Comments

New comment


Captcha

Associated articles

Lindows faces a reality check

Lindows.com, the Linux operating system maker, is being forced to re-evaluate its strategy to lure the average computer user away from Windows more »

Cyberterrorism Concerns IT Pros

Threats of terrorism concern IT professionals, and almost half of those surveyed indicated that a major cyber attack on the U.S. government could be imminent more »

search.lt news

search.lt presents newest links more »

Wearable Security Locks Laptop Data

If a user wearing the system's security token walks away from his or her laptop, the system senses it and begins securing the computer by encrypting all data more »

Russia, Iraq May OK 40 Billion US Dollars Deal

Iraq and Russia are close to signing a US$40 billion economic cooperation plan, Iraq's ambassador said Saturday more »

search.lt news

search.lt presents newest links more »

Gold medalists to sue US media

Russian figure skating champions Anton Sikharulidze and Yelena Berezhnaya have voiced their intention to sue US media companies for libel more »

Microsoft finds Content Management Server holes

Microsoft has released a patch for three vulnerabilities, one of which is "critical," in its Content Management Server 2001 product for building and maintaining Web sites. more »

DOD, Army testing biometrics

The Defense Department's Biometrics Management Office (BMO) and the Army's Communications-Electronics Command (Cecom) are partnering to test the integration of fingerprint technology into the Army's tactical Network Operations Center-Vehicle more »

The CAD 3D Working Group

ParallelGraphics Joins Forces with Leading Technology Companies to Establish the CAD 3D Working Group more »