Educational Hacking. Is it really a good idea?
Thursday September 20, 2007 at 7:58 am CST
Posted by Federico Barbieri
There are and always will be different views on security information disclosure ethics. Thus I will not argue in one direction or the other. I will instead bring up a case as a “food-for-brain” example.
Would you trust someone that auction for a CD that “will make a hacker of you in only a few hours“?
What if the same guy sells free tools to “steal usernames and passwords” and “Sniff out AOL conversations“. For only 7.99 pounds you can also buy a “Easy virus construction” kit and “Ready Made Virus“.
Would you really believe it’s all “for educational use only on your own pc to test for any flaws in your system“?
Is this in any way educational, or is just another shortcut to help script kiddies to vandalize the internet? Is this really a good idea?
September 20th, 2007 at 11:18 pm
Of cause some of these tools or tutorials are questionable, can they really help you increase your own security?
But lets say someone was to download “Easy virus construction” kit to generate a whole lot of different viruses and then test their AV software. If the software can’t even find malware generated by one such kit it is very unlikely to find “real” threats.
As for tutorials about network eavesdropping and password stealing through keylogging, it is good to at least know how and why those kinds of attacks. How can you protect yourself against something if you don’t even know it exists? “Know your enemy”.
/_