Friday, August 24, 2007

What Hackers Learn that the Rest of Us Don't

Sergey Bratus contrasts developers and academic programs with what "hackers" do in his article titled "What Hackers Learn that the Rest of Us Don't" in the July/August 2007 IEEE Security and Privacy magazine. For example:

  • Developers are under pressure to follow standard solutions, or the path of least resistance to "just making it work."

  • Developers are de facto trained to ignore or avoid infrequent border cases and might not understand their effects.

  • Developers might receive explicit directions to ignore specific problems as being in other developers' domains.

  • Developers often lack tools for examining the full state of the system, let alone changing it outside of the limited API.

  • If you understand this statement:

    "In a typical academic setting... an ever-increasing number of topics limits the time the students and teachers can allocate for any specific one."

