Politech mailing list archives
FC: In SF this week; WashPost on counting hackers
From: Declan McCullagh <declan () well com>
Date: Tue, 14 Dec 1999 01:04:38 -0800
[Just checked into my hotel... I will be in SF this week for the tax advisory commission meeting. --DBM]
From: Paul McMasters <Pmcmasters () freedomforum org> To: "Declan McCullagh (E-mail)" <declan () well com> Subject: Counting hackers Date: Mon, 13 Dec 1999 08:39:40 -0500 Declan, Your readers might be interested in this item from Vernon Loeb's "Back Channels" column in this morning's Washington Post: http://search.washingtonpost.com/wp-srv/WPlate/1999-12/13/068l-121399-idx.ht ml -pkm HACKING ABOUT: In his 1997 book "Corporate Espionage," Ira Winkler, a former analyst and computer expert at the National Security Agency, wrote that there were probably fewer than 200 "computer geniuses" in the world who could actually find software vulnerabilities and another 1,000 hackers talented enough to take the geniuses' findings and use them to attack computer networks. Another 35,000 to 50,000 "clueless" hackers just take attacks that have already been published on the Internet and fire away. Winkler updated his estimates in a recent interview, saying there are now probably 500 to 1,000 computer "geniuses" out there capable of finding vulnerabilities in operating systems, 5,000 talented hackers and 100,000 "clueless" cybergeeks hacking around. For anybody in charge of securing large data systems, it's not a pretty picture. But the good news, from a U.S. intelligence perspective, is that 60 or 70 of those computer geniuses--and possibly more--work for the CIA, the National Security Agency and the Defense Department. They are on top of most major known vulnerabilities, Winkler said, and presumably have identified others that no one else knows about. The CIA and the NSA "don't lack brainpower--they have lots of PhDs in computer science," said Winkler, who now runs his own company, the Internet Security Advisors Group in Severna Park, Md. The problem, he says, is that many of those PhDs are doing other things besides developing information warfare strategies. "It's not that hard at all," Winkler said. "The process of finding bugs--it's just a matter of good software testing."
-------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe: send a message to majordomo () vorlon mit edu with this text: subscribe politech More information is at http://www.well.com/~declan/politech/ --------------------------------------------------------------------------
Current thread:
- FC: In SF this week; WashPost on counting hackers Declan McCullagh (Dec 14)