Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bridging the Gap Between Hackers and Academics

kdawson posted more than 7 years ago | from the black-hats-in-gowns dept.

Security 50

Tal Garfinkel writes "There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack. A new USENIX-sponsored workshop called WOOT (Workshop On Offensive Technologies) is looking to bridge that gap by providing a high-quality, peer-reviewed forum for attack papers, with top reviewers from the academic, open source, commercial IT, and information warfare communities. Got a great attack paper? See if it makes the cut at WOOT."

cancel ×

50 comments

Sorry! There are no comments related to the filter you selected.

WOOT? (5, Interesting)

EvanED (569694) | more than 7 years ago | (#18975035)

I'm sure the WOOT conference would have been happy to publish "How to 0wn the Internet in Your Spare Time [icir.org] ," which, incidentally, has to be the best academic paper title ever.

Re:WOOT? (2, Funny)

eviloverlordx (99809) | more than 7 years ago | (#18975211)

Shouldn't that be 'How to Pwn the Internet in Your Spare Time'?

Re:WOOT? (4, Funny)

EvanED (569694) | more than 7 years ago | (#18975577)

This was 2002, before the P took the place of zero.

But I agree, if it were to be published today, that would be the "proper" title.

Re:WOOT? (1)

nametaken (610866) | more than 7 years ago | (#18984833)

I just want to know what an "information warfare community" is.

Also, I'd like to know where I sign up for membership, because it _sounds_ bad-ass.

The name! (1)

EvanED (569694) | more than 7 years ago | (#18975527)

I was making fun of the name, not trying to be interesting! Mod me funny dammit! ;-)

I'm sure academics (1, Funny)

Anonymous Coward | more than 7 years ago | (#18975053)

can learn a lot from script kitties.

Kiddies (1)

MatrixCubed (583402) | more than 7 years ago | (#18975285)

Read up [wikipedia.org] .

Re:Kiddies (1)

Ojuice (638639) | more than 7 years ago | (#18975481)

you missed the joke, me thinks.

Creating... (4, Funny)

Billosaur (927319) | more than 7 years ago | (#18975077)

...the Hackademic. Ba-dum-bum. I'm here all week.

Re:Creating... (1)

ScrewMaster (602015) | more than 7 years ago | (#18975389)

Ackadacker.

Re:Creating... (1)

Tackhead (54550) | more than 7 years ago | (#18975601)

> Ackadacker.

"It's a HONEYPOT!" [elitemrp.net]

A gap? (5, Informative)

saintlupus (227599) | more than 7 years ago | (#18975085)

There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack.

Just because "academics" don't introduce themselves as such to the script kiddies, doesn't mean that we're not around.

--saint

Re:A gap? (0)

Anonymous Coward | more than 7 years ago | (#18984509)

Yet you still publish academic articles on subjects that were the topic of a talk at Defcon 3 years ago with no reference. The reverse situation occurs as well. There is a disconnect, and it isn't eliminated because there are a few people who travel in both circles.

A lot about hacking, not so much about bandwidth (4, Funny)

192939495969798999 (58312) | more than 7 years ago | (#18975117)

Apparently the disconnect may have to do with how bandwidth works, because that site is slashdotted all to hell now! Either that, or during that long delay, they were hacking into my PC. Anyone else get the jitters when they go to a website about hacking and it just sits there and grinds in the browser?

Re:A lot about hacking, not so much about bandwidt (1)

spamking (967666) | more than 7 years ago | (#18975241)

Wouldn't open for me either . . . I actually kept waiting for the site to come up blocked by freakin' websense. Who knew posting this on /. would just about kill their site.

Information warfare communities... (3, Funny)

$RANDOMLUSER (804576) | more than 7 years ago | (#18975121)

I bet they'd be interested in my design for a chair cannon.

One more exclamation down (1, Funny)

Anonymous Coward | more than 7 years ago | (#18975153)

Damn it! Now whenever I get a good drop and yell "Woot!", people will think I'm a hacker.

academics ? oh come on now. (1)

unity100 (970058) | more than 7 years ago | (#18975277)

do you think those black hatties, phrakkers etc need academics or "peer review" ? peers need to get themselves reviewed by the other.

Whats the point? (4, Insightful)

splug (992725) | more than 7 years ago | (#18975307)

If it is so cutting edge why the hell is the conference "by invitation only, with preference given to the authors of accepted position papers/presentations". If it suppose to be academic the people with papers probably know this stuff already. Shouldn't it be for everyone? This way no one learns.

Re:Whats the point? (0)

Anonymous Coward | more than 7 years ago | (#18976069)

Even in acadeamia, information isn't going to be free. So much for the concept of 'higher education'.

I'd rant on, but I have a curve to jump ahead of.

Re:Whats the point? (4, Insightful)

blhack (921171) | more than 7 years ago | (#18976095)

Contrary to what my receptionist believes "Computers" is not one skill. While one person might be especially good at manipulating Wi-Fi networks, another person might be talented at writing kernel-mode rootkits for unix. Still another person might be exceptionally experienced with IBM as400 mainframes and have written papers on the topic. It is by invitation only so that they don't get 2000 fresh out of puberty "hackers" who have never written an application in their life constantly asking them how to hack into pr0n sites and hotmail.

it is exactly the same as if a bunch of physicists got together for an invitation only conference. Its for academics.

Re:Whats the point? (1)

Random Walk (252043) | more than 7 years ago | (#18985559)

it is exactly the same as if a bunch of physicists got together for an invitation only conference. Its for academics.

Except that academic conferences usually are not invitation only. The general public is kept out by the admission fee (which for academic participants is usually covered by some grant).

Re:Whats the point? (1)

Pheersome (116234) | more than 7 years ago | (#18977523)

Calm down. It's sponsored by Usenix, so the accepted papers will be published online, freely accessible by everyone. Also, academic conferences exist to provide a forum for new research, that is, ideas and results that no one save the authors have seen before; therefore, the workshop attendees will in fact learn from their peers.

Re:Whats the point? (1)

VENONA (902751) | more than 7 years ago | (#18983525)

Maybe security by obscurity is still considered valid by USENIX conference organizers? :)

Yes, that is a joke. It's probably due to space limitations, or they don't want it to take on a Black Hat '07 ambiance or something.

I'd be amazed if at least the best couple of papers didn't appear on the portion of usenix.org available to non-members.
http://www.usenix.org/publications/library/proceed ings/best_papers.html [usenix.org]

BTW, the editor has made a *gasp* mistake. USENIX is a professional organization for anyone that uses a Unixy OS, not just academics. It's companion organization, SAGE, is for SysAdmins. That was almost spun off a couple of years, ago, but in the end it didn't work.

Dues are reasonable. $165/yr. for both, and there are student discounts. I know a couple of people who've been able to expense their dues.
https://db.usenix.org/cgi-bin/memb/memb.cgi?action =new [usenix.org]

I would recommend either or both, depending upon what your doing at the moment. Look the Web site over, and form your own conclusion, of course.

Re:Whats the point? (1)

Hal_Porter (817932) | more than 7 years ago | (#18986671)

maybe the acdam^wacadamics want 2 keep out teh n00b lamerz coz they wunt 2 stay l33t.

its like irc. all teh good chans like #fbi-internal make u hack in, kick teh lamerz. only then do the l33t hackorz delurk an teell u teh new scripts.

hold on, therez a load of swat guyz at teh door.

There's your problem. (3, Informative)

mcmonkey (96054) | more than 7 years ago | (#18975515)

This doesn't seem to have anything to do with hackers at all.

You want crackers. Two doors down.

Re:There's your problem. (0, Troll)

Paracelcus (151056) | more than 7 years ago | (#18975581)

Yup, "Academics" AKA "Pseudo Intellectuals" AKA "People who sit around and brag about their educations", don't know the difference between "Hackers", "Crackers" and Script Kiddy's".

English is not a programming language - context! (1, Informative)

Anonymous Coward | more than 7 years ago | (#18975835)

Eric S. Raymond and others like him (and you) like to pretend that there is one "right" word for people who engage technology creatively, "hackers", and another word for people who engage technology destructively, "crackers". This doesn't make you a bad person, but it's a flaming torch you shouldn't waste time carrying.

"Crackers" is a minority usage even within the hacker community.

Human language is context-sensitive. This notion that there is one particular word for one thing, and that it cannot be used for anything else isn't accurate or realistic. "Hackers" call themselves "hackers". The people you refer to as "crackers" also refer to themselves, predominately, as "hackers". Words can have more than one meaning, and instead of going language-lawyer every time someone uses the word "hacker" in a way you don't approve of, why don't you just accept the fact that the English language has words with multiple meanings?

Context is king, and linguistic proscriptionism is a dead-end for anyone interested in how language is actually used.

Re:English is not a programming language - context (1)

Loplin (1037544) | more than 7 years ago | (#18976049)

Besides, I can see how "hackers" would have a problem with this inevitable conversation:
[Prospective mate]/[Peer to be impress]: What do you do for a living?
'Hacker': I'm a cracker.

Re:English is not a programming language - context (1)

mcmonkey (96054) | more than 7 years ago | (#18977401)

Human language is context-sensitive.

I agree 99 and 44/100%. My post was not meant to be flamish or trollish or, FSM-forbid, ESRish.

My post was meant to express, when I read the headline, I thought the article was about the academic, theoretical implementations of information technology and systems vs. the every day practical and actual uses of said technology and systems.

Of course, once I read the summary I knew otherwise. In the context of a headline on /. (as opposed to a headline on cnn.com or my local daily paper), use of the word 'hackers' was misleading. Nothing to do with what I accept or approve.

In the context of the mass media, I know 'hackers' means 'people who break stuff, usually whilst wearing black hats.' However, in other contexts, I expect a more sophisticated audience who can appreciate the distinction between 'people who break stuff' and 'people who are not content to "use as directed."'

Re:English is not a programming language - context (0)

Anonymous Coward | more than 7 years ago | (#18979843)

That's funny. Isn't this the same Slashdot where we get criticized all the time for babbling in techno-jargon that Joe Sixpack wouldn't understand?

So let's not confuse Joe by mixing up "hacker" and "cracker". While we're at it, how about we leave the implication that open source developers are the ones breaking into your computer off of the summaries?

Re:English is not a programming language - context (1)

somersault (912633) | more than 7 years ago | (#18986011)

I don't think I've been criticized for that before. WTF is 'Joe Sixpack' doing here anyway? Trying to find out how to empty his recycle bin?

Some academics have always been crackers (1)

giafly (926567) | more than 7 years ago | (#18976007)

Help DDOS the next generation. Become a lecturer.

Woot! (0)

Anonymous Coward | more than 7 years ago | (#18975529)

One Day, One Workshop.

Supposedly... (1)

arkham6 (24514) | more than 7 years ago | (#18975683)

If you submit to WOOT and are rejected, they will state "Paper Was Not Designated Useful"

Re:Supposedly... (0)

Anonymous Coward | more than 7 years ago | (#18976607)

Grim, stony-faced golf clap.

Re:Supposedly... (0)

Anonymous Coward | more than 7 years ago | (#18992655)

But what if you post your paper in prominent places on their website describing it as "Stunning" and "Elegant" without authorization?

My paper wuz rejected. (4, Funny)

minotaurcomputing (775084) | more than 7 years ago | (#18975723)

My paper, "How to Pwn n00b Sys Admins" wuz turned down by teh pier reveiw commitee bcuz they sed i had bad grammer.
teh suxors im l33t
-m

Other publications to follow suit (3, Funny)

sam_handelman (519767) | more than 7 years ago | (#18976099)

That's not the only party of IRC seeking academic legitimacy. Expect the following in the near future:

- Proceedings of the National Association for the Advancement of Kiddie Porn

- Transactions in Piracy

- Nigerian Finance Quarterly

- Kawaii! Anime of journal from translate poorly, for sure yes or else!

- Trends in Russian Credit Card Management

- Journal of Interactive Marketing
  Oh, wait, this already exists.

Sorry but Woot is taken (1)

dwillden (521345) | more than 7 years ago | (#18976119)

The name Woot is already taken by http://www.woot.com/ [woot.com]

Re:Sorry but Woot is taken (1)

mr_mischief (456295) | more than 7 years ago | (#18983531)

Yeah, I was getting all excited about a magic box that gaps divides between over-schooled, under-experienced weenies and under-aged, over-caffeinated workers in the trenches being on sale real cheap from midnight until sell-out!

Then I found out they just $t013 t3h nam3! ;-)

Author is also a WOOT Program Chairs (3, Funny)

Evil W1zard (832703) | more than 7 years ago | (#18976481)

Anyone else catch that the person posting the article is also one of the Program Chairs for the event. Guess if you want free advertising /. is the way to go! Can't wait to see when Ron J. posts the article for P0rncon here!

And may it ever be. (1)

Jason Scott (18815) | more than 7 years ago | (#18977149)

There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack.

And you know what?

Thank fucking God.

Thank fucking God.

Although I do think it's stretching it to call Black Hat "Underground".

- Jason Scott
    Textfiles.com

The success is in the mix (1)

Opportunist (166417) | more than 7 years ago | (#18977971)

Hire hackers and you have a veritable unmanageable subverted subculture working in your IT department that can well work against you instad of for (depending on how "ethic" your company is in the eyes of your hackers).

Hire academics and you'll have pseudosecurity 'cause they got all the theory down but no experience and they do actually care for patents and laws.

Mix them together and you get a truely useful combination. I see it every day at work. We have a very tight coop with the IT department of the local university, with lots of good people (of both breeds) amalgamating in our company. We, the "old school, hands-on" guys, can learn a lot from the methodic approach those "learned" people can give us. They in turn get a (well, sometimes not too nice) cut why their nice theory fails in practice. PoC included. :)

Generally, it's a good combo. And the success proves us right.

WOOT vs. w00t (1)

agent (7471) | more than 7 years ago | (#18979231)

omfg I 3 MySpace NOT (! said in a Borat voice)

Connection reset... (1)

Mipsalawishus (674206) | more than 7 years ago | (#18981625)

"There has long been a disconnect between academic computer security and underground forums..."

So in other words...connection reset by peer review?

Hi (1)

mandelbr0t (1015855) | more than 7 years ago | (#18982369)

Dear Mr. Academic,

Why is it that you have more years of education than me, yet can't get anything accomplished without calling my help desk at least twice? No, I will not teach you how to use your computer no matter how incompetent you pretend to be. The only thing worse than stupid people is smart people who pretend to be stupid. Didn't you learn anything for yourself in school, or did you just 'delegate' all your homework to the more naive but technically superior classmates you had? You can't live without me, but I can certainly live without you. Get your fucking nose out of the air and start working with me instead of pushing me around.

Sincerely,
Mr. Hacker

Re:Hi (0)

Anonymous Coward | more than 7 years ago | (#18982973)

Because Mr. Academic knows different stuff than you and does different work? Why should he have to learn sysaddmin, when that is not what he does?

university (1)

f1055man (951955) | more than 7 years ago | (#18982477)

When I was in school, the CS profs played basketball and soccer tournaments with the undergrads. I guess it's good that the faculty is spending some time with the grad students playing their favorite extracurricular activies.

Seriously, it always seemed to me that the grad students did the hacking and it was their advisors' role to run interference.

It didn't say... (1)

Seahawker101 (643662) | more than 7 years ago | (#18984579)

When I first read the article I thought it said UNISEX, not USENIX. Guess I found out where my mind has been for the past few days.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?