Hacking for the greater good
Posted on 29 May 2014.
As long as people write code, they will write code with flaws, says Katie Moussouris, former Senior Security Strategist Lead at Microsoft Security Response Center and, as of today, Chief Policy Officer of HackerOne, the company that partially hosts the Internet Bug Bounty.


But security researchers should empathize with them, not just tell them that their "baby" is ugly and flawed, she noted. They should note and praise the things the developers did well and point them towards ways of making their code better and more secure.

We should all consider the other side, and go out of our comfort zone and take more than just a peek, she said in the keynote she delivered at the Hack in the Box conference today. Hackers and breakers should consider trying to fix things, and defenders should try to attack and breach their own defenses (or those of others, after having secured permission to do so).

Security researchers should try to do something more meaningful with their security knowledge, for the greater good. Yes, they should educate and help their friends and family and, yes, they should help vendors and point them to standards they could use and to the things they could do to improve their security stance. But they should also diversify their interests, try hacking and think of ways to fix things, especially the “everyday tech” - the Internet of Things as it is and as it develops.

She brought attention to I Am The Cavalry, the organization that is focused on issues where computer security intersects public safety and human life (the medical and automotive fields, as well as public infrastructure and home tech), and of which she is a supporter.

But she also mentioned that in addition to all of this, it is high time for the chain of influence to be "fuzzed" - there is a great need to make lawmakers and policymakers understand the issues and importance of computer and information system security as the technology develops by leaps and bounds.

Pretty soon, she says, the Internet of Things will simply become the Internet, and we should all work towards making it more secure.









Copyright 1998-2014 by Help Net Security.