This program is also available as a .

This is Part One of Code As Design: Three Essays by Jack W. Reeves. . This essay first appeared in the Fall, 1992 issue of C++ Journal.

In past projects, students have had the opportunity to

If you are reading a snapshot of this document offline, thecurrent version lives at .

Related requirements for the major:

This is equally true on a macro societal scale. The secret police don't just steal passwords and certs from your boxes. They also steal the credentials for legitimate government authority: your elections.

Two comments on word usage in this essay:

That depends on how talented you are and how hard you work atit. Most people who try can acquire a respectable skill set in eighteenmonths to two years, if they concentrate. Don't think it ends there,though; in hacking (as in many other fields) it takes about ten yearsto achieve mastery. And if you are a real hacker, you will spend the restof your life learning and perfecting your craft.

The bachelor's degree in computer science requires 41 credits of minor and/or elective coursework.

Audio/Video over IP for Broadcast

This time he was sentenced to 21 months in prison,followed by two years of "supervised release"during which time he was forbidden to eitherown or use any computer for his personal use.

Data Transmission Systems and Practices

So, I think the TAO head was right in saying 0-days importance is overstated. I mean, we should also make the distinction of *where* the 0-days are. In web, specific types of problems are so common we often think of them differently from 0-days even though they technically are. Whereas, a 0-day in Linux is harder to both find and use. A 0-day in Windows kernel is increasingly rare given all the QA they did due to other thousand 0-days. So, we should differentiate but still many other attacks exist.

Our faculty work or have worked at organizations including

The best way for you to get started would probably be to go to a LUG(Linux user group) meeting. You can find such groups on the ; there is probably one near you, possiblyassociated with a college or university. LUG members will probablygive you a Linux if you ask, and will certainly help you install oneand get started.

Experts in computer security, who are  attorneys,speak of "information warfare".

Or, as the following modern Zen poem has it:

Turing was the first to use computer simulation to investigate a theory of 'morphogenesis'—the development of organisation and pattern in living things. He began this investigation as soon as the first to be produced was installed at Manchester University. In February 1951 Turing wrote:

The basic difference is this: hackers build things, crackersbreak them.

Type: Honor societyAvailable To: Undergraduate and Graduate

Reading the comments it's clear that the debate between 'sexy infiltration' and 'non-sexy infiltration' is as prevalent as ever. Seems to me that as long as the human remains the weakest link in the chain (and that's not going to change any time soon) obtaining credentials through social engineering will be the easiest way to get into any system. It has the advantage that you know the credentials are valid, you can target credentials that get you into the parts of the system you want, and by definition, no detection system looking for unauthorised access is going to be triggered by a valid user. Plus of course, all the encryption in the world is no defence if the 'person' accessing the data is allowed to read it.
Of course you have to patch and detect, but until we go back to basics and educate and support the users we've lost at least half of the battle.

So, if you want to be a hacker, repeat the following things untilyou believe them:

This is called a denial of service () attack.

If you do email a hacker asking for advice, here are two thingsto know up front. First, we've found that people who are lazy orcareless in their writing are usually too lazy and careless in theirthinking to make good hackers — so take care to spell correctly, anduse good grammar and punctuation, otherwise you'll probably beignored. Secondly, don't ask for a reply toan ISP account that's different from the account you're sending from;we find people who do that are usually thieves using stolen accounts,and we have no interest in rewarding or assisting thievery.