Humour
Stay obscure, be secure
T A Balasubramanian continues his tale of a million
monkeys.
"Maybe a million monkeys on the Internet working for
millions of hours may not produce great art (they need to use old-fashioned
typewriters to do that), but they are sure to find chinks in any network
they contact sooner or later, simply by the sheer statistical weight of numbers,"
says Chubby Goldfinger. "Especially if the system they attack is popular
enough, and spread across millions of desktops. This makes it easy for them
to look and poke at identical targets, seemingly laid out for their easy entry.
Sooner or later, with enough monkeys scratching at it, every single chink or
opening can be discovered and exploited."
Continuing his tirade against the community of black hats, or malicious hackers,
Goldfinger, prime sponsor of the Hackers Gold Mine Meet, or HGMM, babbles
on. Meanwhile, in one section of the Techno Over-exposition of Geeks and Gizmos
for Lazy Enterprises (TOGGLE), you, Papyrus Bytewala, CIO of Baffle Corporation,
accompanied by Danny DeVito, your CTO and associate, and also by Gene Hackman,
CEO of Virus Busters, have reason to be concerned about the proceedings.
"Every single chink, eh? What if we hired the best code monkeys ourselves?
The alpha hackers?" says DeVito, with a gleam in his eye that you observe
with a sense of dread. "You know, get the virtuoso hackers and give them
what they want at Baffle. After all, if they are working so hard to crack a
system, why not make use of their talent?"
"Ah, that's a thought," says Hackman, still half-attentive as
he continues looking around the crowded hall. Focussed on locating the thief
called Robin Hood, he is too distracted to pay attention to you or your voluble
associate from Baffle. Evidently, he is still glumly hoping to spot the crook
who has made away with two of his notebook computers in the past, but he does
have one ear open to his immediate companions right now. With a sigh, he turns
his full attention to DeVito.
"Well, Danny, if you are getting the best hacker monkeys into your corporate
pool, you must be ready to understand what motivates them. What do they need
to do their jobs? How do you spot them? How do you attract them to come and
work for you? And then of course there's the question, how do you become
one?"
"Ha, ha, Gene. Become a hacker? Me?" says DeVito. "Now that you
mention it, maybe a CTO can aspire to alpha hackerhood. Why not?"
"You're out on a limb here, Danny, so do not expect me to back you
on this. Well, Gene, so what do they want, these alpha hackers?" you ask,
attempting to get the topic back on the rails.
"Well, being in the virus mashing business, I do know a handful of alpha
hackers. Now, let me see, what do they have in common?" says Hackman, sitting
down at a table. "Their defining quality is probably that they really
love to write code. Ordinary programmers write code to pay their monthly rentals.
Alpha hackers think of it as something they do for fun. And they are delighted
to find people who will pay them for it."
"So they are employable. That's a relief," you say.
"Hold on, Papyrus," says Hackman. "Alpha hackers are fixated
on breaking into the latest versions of everything, like the latest Windoves
or Leanox, and so on. What fun is there in breaking into a system running something
so ancient only a grandpa would even consider using it? Which means Baffle should
be ready to splurge on the absolutely newest of new technologies. Shiny, blazing
pots of honey that the monkeys would love to dive into."
"Oh, well. We're not exactly trail-blazers on the leading edge when
it comes to investing in current technology," you say, with a long face.
Baffle, you may say, is a happy laggard.
"Most system intruders make use of known chinks in a
particular operating system or server software. These little cracks are typically
discovered, a little at a time, by those millions of bad hacker monkeys who
poke and prod away, sharing the information they gather, like peanuts, from
their (mostly failed) attempts with each other. You have an ancient system used
by only a few servers, running software so oddball that cracking lessons learned
on mainstream servers are of no use at all. Now imagine your local hacker monkey
trying to crack your box, with an operating system and software he's never
seen before, about which no information is available in the usual online hacker
clubs. I can bet he's going to move on to an easier target. If you have
no popular, current system, you are as good as invisible to great hackers."
"Which is exactly why we prefer to be a little ancient, Gene," you
say, with some relief at discovering a saving virtue of being backward for once.
"But that will not draw the best hackers to your door, either," says
Hackman, with infinite patience. "Which is what we started off wanting
to do, remember?"
"Ah, of course, that's what we want," says DeVito. You wonder
how you got into this trap. DeVito the Devious comes to the fore,
you think, and it is now apparent that your CTO has a radical strategy in mind
that is directly opposed to what you might have gone for as a play-safe conservative.
"Though, of course, if you change your mind and do decide not to hire alpha
hackers, this ancient system you have at Baffle gets security through obscurity
at its finest. Even the weirdest among the low-level hacker monkeys are not
going to bother poring over the code thoroughly enough to find its soft spots,
and those few who have the skills to do it almost certainly have better things
to do with their time (like work) and will not bother you."
"We want to be bothered, Gene, that's for sure," says DeVito.
"And as Baffle's CTO, it shall be my mission to get these smart monkeys
the latest and most popular toys they want. Even if Papyrus here thinks it is
safer to be obscure than sorry."
"Well, like it or not, embracing obscurity by being old-fashioned is one
level of defence, Danny. There is another level that I call smarts," says
Hackman, tapping his forehead suggestively. "Never forget, most monkey
intrusions occur because hovering hackers take advantage of plain human imbecility, and
these are humans we know: all your wonderful users, and sometimes, even
you and me."
"How so, Gene?" says DeVito, looking bewildered.
"We compromise our own systems. We end up lazily using 'password'
as the password for remote access or running all kinds of juvenile services
that create security holes so big a mammoth could walk in through them. These
goofs have nothing to do with how ancient or modern the system being used is.
No operating system or application ever written is completely idiot-proof. Some
just take more idiocy to crash than others, you might say. But that's enough
about that. Let's go back to talking about attracting the best hacker monkeys."