These days, when you are talking about security, let's face it -- the conversation will turn to hacking, and probably rather quickly. With groups like Anonymous and LulzSec and AntiSec making headlines, it is easy to focus on the bad things hacking can do.
We often forget that hacking is a skill every security professional should know.
I remember when we were sitting in freshman orientation the summer before my son started college. The department head of the relatively new major of information security talked about the classes the kids would take and the skills they would need. When he mentioned hacking class, there was a slight gasp from some of the parents (one dad near us said he wasn't sending his child to school to be a criminal), but the kids were pretty excited. My son loved that class and claims it was one of the most important things he learned in school.
That's why I was fascinated when I saw the stories about the hacking classes at DefCon that focused on teaching little kids the art of hacking. It makes total sense. As my son explained to his shocked grandparents when he told them of hacking class -- we have to know how the bad guys operate if we want to develop security to stop them.
No need to tell you how adept kids are on today's technology. They know more than we do and they know it earlier. So why not give them a head start in security issues? Just as long as parents make sure they are using their new powers for good, rather than evil.
DefCon even took the time to address those infamous hacking groups to try and teach them a thing or two. Security experts suggested that the groups need to become more focused to strengthen their cause. One of the panelists was quoted in Wired.com:
"We have an opportunity to not just cause chaos, but to cause organized chaos," said Josh Corman, research director at the analyst firm 451 Group, who said the groups are burying their message in noisy denial-of-service and SQL attacks. "I'm suggesting the actions in pursuit of their own goal compromise their goal. There's a way to render more specific what they want to accomplish."
Corman even suggested that these groups focus their energies on areas that would meet common good -- like child exploitation sites -- while still getting their point across.
It will be interesting to see what lessons on hacking everyone takes away from DefCon.