[WEB SECURITY] RE: How to stop hackers at the root cause

[Kevin.Wall at qwest.com (Wall, Kevin)]

Jeremiah Heller writes...

> do security professionals really want to wipe hacking
> activity from the planet? sounds like poor job security to me.

Even though I've been involved in software security for the
past dozen years or so, I still think this is a laudable goal,
albeit a completely unrealistic one. I for one, would be completely
happy to go back to software development / systems programming if
all the security issues completely disappeared. But unfortunately,
I don't think we ever have to worry about this happening.

> the drive for survival seems key. i think that when the
> survival of many is perceived as threatened, then 'bad
> hacking' will be addressed on a scale which will contain it
> to the point that slavery is contained today... after all
> don't hackers simply 'enslave' other computers? j/k

And of course, that is a good thing. After all, once the
first sentient AI takes control of all the world's computers
to subjugate all humanity, we have to have a way to fight back.
Evil h4><0rs to the rescue! ;-)

> until then it seems that educating people on how these things
> /work/ is the best strategy. eventually we will reach the
> point where firewalls and trojan-hunting are as common as
> changing your oil and painting a house.

I agree. Even though one risks ending up with smarter criminals,
by and large if one addresses the poverty issues most people
ultimately seem to make the right decisions in the best interests
of society. I think for many, once their curiosity is satisfied
and the novelty wears off they put these skills to good use. At
least it seems to me a risk worth taking.

> first we should probably unravel the electron... and perhaps
> the biological effects of all of these radio waves bouncing
> around our tiny globe... don't get me wrong, i like my
> microwaves, they give me warm fuzzy feelings:)o

Jeremiah, you do know that you're not supposed to stick your *head*
in the microwave, don't you? No wonder you're getting the warm
fuzzies. :)

-kevin
---
Kevin W. Wall           Qwest Information Technology, Inc.
Kevin.Wall at qwest.com    Phone: 614.215.4788
"It is practically impossible to teach good programming to students
 that have had a prior exposure to BASIC: as potential programmers
 they are mentally mutilated beyond hope of regeneration"
    - Edsger Dijkstra, How do we tell truths that matter?
      http://www.cs.utexas.edu/~EWD/transcriptions/EWD04xx/EWD498.html

This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful.  If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.