lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3EE68DE3.8080201@ameritech.net>
From: dbailey27 at ameritech.net (northern snowfall)
Subject: USDOJ BRAINWASHING TECHNIQUES

> Don't get me wrong...I will agree that educating children to not hack 
> *could* cut down on attacks however it does nothing to stop the 
> vulnerabilities that exist in soooooo many products. Time would be 
> better spent educating the kids about how vulnerabilities are caused 
> and what they could do to help prevent the issues to begin with. Teach 
> these kids to not use strcpy into a fixed buffer or something. 


I understand your point. However, let's look at the statistics. How many
people out there are writing programs for commercial release versus the
amount of kids out there interested in malicious hacking. There is a much
higher ratio of individuals that desire to perform malicious hacking
simply because there are 'dot slash' tools available for people with
little or no technical knowledge. It takes a certain level of skill to
write a commercial program, insecure or not.

The government, in this situation, is trying to defer the cultural
phenomenon of 'cool'. Kids think it is 'cool' to hack when they see it
in movies or other media. Very few are interested, at that age, in
developing programs. They just want to show their friends how great
they are and impress some girls. Were you any different at that age?
I sure wasn't.

I'm sure you do decent vulnerability research at Snosoft. However, you
must realize that people are the same in every facet of society. They
make mistakes. Even the best of us do. Training at the university,
corporate and even high school level should cover vulnerable code
development extensively. Influencing children to do something they
don't care about isn't going to help.

Influencing people to be precise and thorough when developing any given
project is something that must be done in a different way and takes a
lifetime to teach. The American culture of fast money, fast love and
fast living seems to teach more than most parents are willing to;
unfortunately, this culture seems to negate precision performance and
commitment to quality.

> Remember when your Dad told you not to drink beer.... what did that 
> make you want to do? ... taste this forbidden drink he spoke of. Tell 
> them not to hack and they simply become more currious about the 
> forbidden fruit. 

My parents never spoke to me about alcohol and I partied like crazy in
high school. If we had talked, I probably would have been less wild.

An authority figure telling an individual not to do something doesn't
necessarily make it 'forbidden fruit'. That is dependent on the
individual's psyche. Even if they do have a psyche that is skewed toward
'eating the apple', you can still influence them positively by showing
them the benefits of your concept. This is what the government is
attempting to do with children, by showing them different scenarios that
yield different results.

It is absolutely imperative that we teach children what benefits the
human race on a universal level, allotting for the success of all
people. The children that see the benefit in our technique and
the commitment in our actions will follow us. Simply saying 'do as
I say' does nothing but negate our intent, even if it is good.

Don

http://deadchildren.org/~north_




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ