By Oz Litvac
In the ever-advancing world of computer networks and information technology there is a thin line between right and wrong. City College instructor Sam Bowne’s class, Ethical Hacking and Network Defense, defines that line.
So what makes hacking “ethical”?
“It comes down to intent and results,” Bowne explains. “The only difference between us and criminals is that we have permission from the target.”
During an April 7 class session, as Bowne went over several industry-standard programs, he gave examples of famous incidents when those programs were used unethically. “This is what Anonymous used to hack PBS,” he says referring to Havij, an automated SQL injection tool. SQL stands for Structured Query Language, an international standard for database manipulation.
“Taking this class helps me understand hacking attacks and coincides with a network security class I’m taking,” said Chris Rimando, a student in Bownes’ class.
The class is not for everyone, students take the course for different reasons; some work in the industry while others take the class with hopes of becoming an overnight hacker. They often don’t make it halfway through the semester.
Bowne is a supporter of the idea that hackers should go through all the proper steps to become certified. If they betray their code of ethics then they would lose their credentials, in the same way doctors would lose their license for medical malpractice.
Some have tried to prevent Bowne from pursuing his purpose over the years. They object to teaching students the “do’s” and “don’ts” of hacking, however ethical, in a college setting.
“I’m the force of civilization coming in and cleaning up this mess,” Bowne said. “It’s gone from being forbidden to being required.”
According to Bowne, security is when you have a balanced mix of confidentiality, integrity, and availability. The unfortunate part of this is that to get one you must sacrifice the others, leaving yourself in a vulnerable state.
Inspired by a recent alert about a new malware, Flashback Trojan, which has infected hundreds of thousands of Mac computers in the U.S., Bowne has set up a survey on his website to take Mac users through the steps to check if their computers are infected with the malware.
According to the CNet new website, Flashback Trojan is designed to grab passwords and other information from users when they visit malicious web sites and download the virus believing it to be mainstream browser plug-ins. At that point, the malware installs code designed to gather personal information and send it back to remote servers.
“Java is the most dangerous thing to run on your computer, Adobe pdf reader is next on the list and third is Adobe flash-player,” Bowne says.
The survey is available on his website at www.samsclass.info under the Mac Malware Survey link.