Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

8/11/2011
05:29 PM
Mike Rothman
Mike Rothman
Commentary
50%
50%

Judge Thyself

The haters came out of the woodwork regarding Defcon Kids. What are they scared of? That kids may actually learn something useful?

As I've had a week to kind of digest the annual hacker fest known as Black Hat, Defcon and BSides in Vegas, I continue to marvel at the kind of research the smart folks in our industry do. They break things in ways it's hard to imagine. Outside of the typical corporate environment, you get to see folks as they are. Some sport their black T-shirts. Others mohawks and other interesting hair. Still others in their preppy best or wearing a kilt. Hackers come in all shapes and sizes. All genders, philosophies, and religions - or not.

The thing that unifies the community is a love of breaking things. A refusal to accept that something cannot be made to do something unintended. It makes no difference who you are, where you are from, or what you look like, as long as you can break stuff in interesting ways.

Yet, it seems we don't accept that parents have a right to teach their kids whatever they want, however they want. Within the boundaries of the law, that is. There was a decent amount of backlash for folks wondering how respectable parents could let their kids go to Defcon Kids. There will be hackers there. Doing hacker-like things. Expressing themselves as they see fit.

So these folks are happy to attend Defcon, or follow the proceedings from afar. Yet, they don't want their kids to see their life. See their community. See what their folks do and the kinds of people they work with. Seems to me like hypocrisy of the first degree.

You can paint a lot of the issues we have a society, globally, to the fact that many people have problems with how others live. They don't like them because they look different or act different or like different things. Therefore they are wrong. And these folks fear showing their kids some drunken people or maybe some folks with, uh, a lack of clothing. Gosh, their little heads may explode. And heaven forbid they find Dad's "special" movies.

It's a load of crap. You know how kids learn? By seeing different things. You know how they decide what is right and wrong? From the example set by the folks around them that the trust. Treat your kids with respect and they may listen. Fail that test, and I guarantee they won't. Do I worry that my kids would become drunkards, if they see a drunk person? That they will become sex addicts if they see some nudity? I don't.

I don't worry about these things because I realize my kids will make up their own mind. It's that damn free will thing. They will decide what path is best for them. They may reject my value system. I hope not, but I don't make any assumptions. So the only thing I can do is show them a lot of different things. I can provide my opinions about what is good and/or bad about how others live. Tell them what I'd do in a certain situation. Pick them up when they learn the same lesson I learned in the school of hard knows. They need to figure out what is right for them. Sheltering them from the world isn't going to get them there.

Defcon Kids and HacKid are all focused on exposing the kids to all sorts of things. Things that we enjoy, like programming, social networking, games, lock picking and even social engineering. Are those bad skills to have? Why don't you look in the mirror and ask yourself? If you were squawking about others taking their children to Defcon Kids, what are you ashamed of?

Actually, don't do that. I don't much care. That's your issue, not mine. If you don't want to take your kids to Vegas, don't. What I do object to is you trying to force your values on me or on anyone else. So basically, shut your pie holes. And sit in your room grumbling over how these folks are ruining our world.

I'll be teaching my kids about accepting other people. About embracing our differences. About learning new things. I think those are much more useful life skills than being a hater. But that's just me. Mike's bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike specializes in the sexy aspects of security, like protecting networks and endpoints, security management, and ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16863
PUBLISHED: 2019-11-14
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
CVE-2019-18949
PUBLISHED: 2019-11-14
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.
CVE-2011-1930
PUBLISHED: 2019-11-14
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
CVE-2011-1145
PUBLISHED: 2019-11-14
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2011-1488
PUBLISHED: 2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent withi...