Course Details

Assessment

Wargames

  • ~4 per week
  • Individual
  • 2+ is good (on track)

Exams & Assignments

  • Mid-sem exam week 6
  • Rootkit assessment (Group of 2 or 3?)
  • Final Exam

Hacker History

Golden Age

  • Phreaking
    • US Paper 1972 mentions potential for buffer overflow
  • John Draper (Captain Crunch)
  • Two broad classes of vulnerabilities
    • ‘Typos’ (bugs)
    • Design Flaws (e.g. control/data sharing same stream)

Silver Age

  • Packet switching (local networks/bulletin board systems)
  • William Gibson novel Neuromancer published in 1984
  • 1985: First edition of Phrack magazine
  • 1986: becomes more illegal
  • 1988: Robert Morris (whose father of the same name worked at the NSA) wrote the first worm (buffer overflow, password brute forcing).
  • ‘Great Hacker War’ between MOD and LOD (Media sensationalised - not really anywhere near as dramatic)
  • DOS didn’t have a TCP/IP stack at the time, so there had been a focus on UNIX systems, but malware and investigations on DOS began to emerge
    • Art of Computer Virus Research and Defense

Bronze Age

  • ~1993: spread of the internet
  • 1995: First remote stack-overflow
  • 1996: Smashing the Stack for Fun and Profit
  • Start of commercialisation of industry (start restricting information freedom through companies). Companies start paying for vulns.
  • 2001: Format strings
  • Exploit mitigations emerge (PaX)

Talk: Black Hat USA 2010, Meer, History of Memory Corruption Attacks

‘Heroic’ Age

  • “antisec” movement
  • el8 zine (read all 4)
  • Killed the open research attack community
  • Hacktivism (tapering off): Snowden etc.

Iron Age

  • Government commercialisation
  • Decline in computer science education
  • Client-side focus (rather than break into servers)