The Business of Hacking

Tue, Apr 23

In 1998, a group of hackers from the L0pht hackerspace testified before the Senate Committee on Governmental Affairs. Their testimony revealed the woeful state of security on the Internet to the public, and was intended to be a call to action: if the government, private industry, and computer hackers could stop being adversaries and begin to cooperate, security would be drastically improved for everyone. It was a landmark moment in the creation of what we now know as the computer security industry. But the L0pht wasn't the only group professionalizing --- hackers from around the globe were joining newly-established security teams at large technology companies, forming their own start-up companies, and making quite a bit of money as freelance consultants. This era can be seen as the close of the underground subculture that centered around breaking into computers. We have three learning goals for today. By the end of our lecture class, you will: 

1. Learn how computer hackers brought major insecurities in operating systems and computer networks to the attention of the highest level of the United States Government, which in turn put pressure on the technology industry to take security seriously. 
2. Understand how the technology industry pivoted to embrace computer hackers, who began to leave the underground scene behind as they found new success (and big paychecks) in business. 
3. See how the computer security industry continues to evolve through a dynamic ecosystem encompassing everything from start-up companies to the largest Silicon Valley players. 

The digital artifact for today is the Nessus Proprietary Security Scanner.

The slides for today's lecture are available here.