Defense Expert: Hire Hackers and Wage War 157
Phoghat writes "A top defense and cybersecurity expert says the U.S. should stop trying to take aim at expert hackers and start doing a better job of recruiting them. 'Let's just say that in some places you find guys with body piercings and nonregulation haircuts,' says U.S. Naval Postgraduate School professor John Arquilla . 'But most of these sorts of guys can't be vetted in the traditional way. We need a new institutional culture that allows us to reach out to them.'"
I got first post :P (Score:4, Insightful)
I am guessing that culture doesn't want to be vetted, by any means, traditional or non-traditional.
Distrust and lie paved way to these hacks (Score:4, Insightful)
Most of these hackers inherently distrust the government, that's why they are hacking them. So what is the benefit in hiring them?
It takes one to know one (Score:5, Insightful)
The problem is that vetting the ethics of a hacker needs someone who has insight in the cultural framework as much as the technical capabilities of the person under review, and that is MILES beyond your average HR setup.
I know from my own experience that the best reviewer for tech is someone who is either a former hacker him/herself, or has a personality that borders on Aspergers. You cannot understand technical people if you do not have the required mental tools, and especially the brighter hackers do not exactly conform to the standard employee model.
So, use one to know one, and forget about your average corporate HR droid doing anywhere near a sensible assessment. Oh, and forget about standard management techniques either - not only does it take one to know one, it certainly takes one to manage them.
stereotypes (Score:3, Insightful)
While we're at it, could we please also *not* assume that l33t hackers come only in one visual package (piercings, ink, etc.)?
Lets See... (Score:4, Insightful)
Take highly competent tech people who are generally speaking somewhat anti-authoritarian, give them the tools to do nasty things to the nations enemies via hacking, malware programming etc, and expect them to keep their mouths shut about it. :P
A lot of people don't trust the government - and often with very good reason - why would they want to hack for it?
How long until the complete log files of everything they and everyone they associate with are sent to Wikileaks?
Find technical people who are not anti-authoritarian and get them to do your hacking - just hire them for ability and knowledge rather than the traditional military virtues that most military organizations look for. In fact, hire them as civilian contractors and then keep them away from the rest of the military
Re:I got first post :P (Score:4, Insightful)
Want to reach the hacking culture? It's like hiring tribes people to help log the Amazon rainforest. Corporations should learn from the mistakes made in those senarios before even thinking of strategies such as this.
The irony here is although the Govt started the Internet as an official project, it has always rested on the shoulders of academics and the talent of the hacking community, corporations come further down the list.
Re:That's how they killed it. (Score:5, Insightful)
It's sorta funny to read this type of bleating in a Slashdot article that appears on the same day as one that says the Chinese government has backdoors in 80% of Telecoms to sniff information.
Look, ya dumb sheep.
They are already waging war against us, enemy and "friendly" states already use their government resources to steal intellectual property and wage industrial espionage against the United States. You obviously don't actually run any internet-facing services or you would see this shit in your logs.
The fact that our government doesn't do it aggressively too is the odd part. It's time to man up and fight back or your children (assuming you manage to breed) will be speaking Chinese and working for Russian mobsters for a daily loaf of bread.
Comment removed (Score:5, Insightful)
Re:If this is about cyberwar, (Score:5, Insightful)
I say it's awfully childish. Do we really want the Internet to be an unstable place?
It is far more childish to think that if we just play nice, everyone else will follow suit. The Internet will not be made secure by covering our eyes, crossing our fingers, and praying. It will only be more secure by making sure that those interested in its security have bigger "guns" than those interested in its instability.
Re:If this is about cyberwar, (Score:2, Insightful)
tl;dr offense is easier in the real world than it is online.
Re:This is nonsense. (Score:2, Insightful)
I know a few nerds who are also fitness geeks but you're highly delusional if you think that most hackers fall into that category. Most of us are not fit, unhealthy, and are weird looking.
Re:never going to work, ridiculous principle. (Score:2, Insightful)
"be all you can be" is not just a powerful message, it is a threat. Realise that what government is really saying there is that all you can really be is only achievable at this point if you are part of that government institution, and people that this message is aimed at cannot get government jobs as press secretaries, congressional staff or even regulators in an executive office. This is a threat and the reason government can issue it is because it is the very institution that creates the conditions, under which this threat is very much a reality.
Re:Distrust and lie paved way to these hacks (Score:5, Insightful)
That's the idea, anyway. I think in practice any good hacker (As opposed to a conventionally, formally trained engineer) is going to be driven half-crazy by the highly conformist military culture, and those that can stick with it are going to need constant micromanaging to keep them on their assigned mission ('You want me to disassemble yet another possible Chinese worm? BORING!') rather than using the available resources to do what they think is best ('Ohh, I'll write a virus that installs HTTPSeverywhere and blocks RST packets! That'll totally screw with China's filtering!').
Re:I got first post :P (Score:4, Insightful)
Want to reach the hacking culture? It's like hiring tribes people to help log the Amazon rainforest. Corporations should learn from the mistakes made in those senarios before even thinking of strategies such as this.
What the corporate MBAs would immediately deduce is that the tribespeople had been improperly incentivized, and should have been offered different shiny stuff. Numerous case studies would then be performed to find the optimum lowest-cost shiny stuff to offer to induce tribespeople to wreck their environment. Devastation of the rainforest would not be abated, while corporate profits and MBA bonuses would increase grotesquely for a few quarters.
Similar dysfunctional thinking would be applied to recruiting hackers.
Re:This is nonsense. (Score:1, Insightful)
The clean cut guy is clearly more of a conformist, likely less hostile towards authority, and because of that potentially less likely to be a whistleblower.
Re:Again with the military (Score:4, Insightful)
More like thugs with piles of corpses of corpses in their basement, that are overshadowed only by their needy desire for approval and respect, gang up on anybody looking at them the wrong way, while robbing those they claim to protect blind. Which is exactly the opposite of what you claim it is, defending something of value. It's destroying value, and for pitiful reasons.
Bill Hicks said it best, why even bother typing when I could quote that:
Bill Fucking Hicks.
And if you think a comedian doesn't count, try just about any great mind... they more or less all agree. They either didn't write about it, or they said something to the effect of the above. Anything lower than that is just mediocre BS. People lie to themselves, so they lie to you ("you" as in "the people"), and you drag that cart all the way up the hill... in it? Banal bullshit. Trinkets and lies. Coffins are being flushed down the toilet, while show tunes play.
George Orwell.
Deadstick.