At the Defcon conference in Las Vegas last week, kids aged 8 to 16 were exposed to the world of hacking. Some may fear indoctrinating a new generation of Anonymous and LulzSec members, but young minds can expand the horizons of technology and computer security to effectively combat hacking collectives such as these.
The kids track spanned two days, and attendees witnessed presentations and listened to lectures from a range of security experts, including officials from the Department of Homeland Security and the NSA (National Security Agency). Kids were encouraged to think outside the box to be able to identify security flaws in the computer and gaming platforms they use every day.
Truth be told, kids are sort of natural ‘hackers’. Kids have an innate sense of wonder and curiosity that–for most–dies a slow death as they get older. If you have ever played the “why?” game with a four year old, you know that curiosity is boundless. In many cases being more “mature” is just code for being more jaded and simply accepting things at face value rather than tenaciously searching for deeper answers.
Hackers–and hacking–are not inherently insidious. In fact, hacking purists get their feathers ruffled because hacking is a benign, perfectly acceptable practice, and the term has been co-opted by the dark side.
While most people just use technology in its prescribed manner, hackers consider what it can do, rather than what it is supposed to do. Hackers push the envelope and find the weak spots. They don’t stop at what a device or program does–they dig beneath the surface to understand how and why it does what it does. They use unorthodox methods and think outside the box.
Malicious hackers use these skills to circumvent the design of a device or program and expose security holes. They break into corporate and government networks and compromise sensitive data. They intercept usernames and passwords, steal identities, and rip-off bank accounts. They give hacking a bad name.
There is another side to the hacking coin, though. In an “it takes a thief to catch a thief” sort of way, we need people with those same skills, and that same sense of wonder and curiosity–but with better ethics and a truer moral compass. We need hackers who can find the same holes as the malicious hackers, but work to plug them and protect systems and data rather than exploiting and compromising.
Cameron Camp, Researcher for ESET, says “Young hackers need to be convinced that hacker life is rewarding without going to the “dark side”–that interesting careers are to be had working for the good guys,” adding, “To that end, we see recent efforts from Google and Facebook at providing bounties to incentivize hackers for finding and reporting bugs, not exploiting them.”
The Defcon kids track is an awesome idea. It’s a wonder it took this long to introduce such a concept. I expect the kids track at future Defcon conferences to have greater attendance, and hopefully we will all benefit one day from raising a new generation of hackers.