back to article Hacker-smasher: White hats join forces to build bot-beating weapon

In Hollywood, the good guys nearly always win. In information security, the bad guys ("black hats") often win, in large part because the bad guys know how to collaborate much better than the good guys ("white hats"). Until now. From Lulzsec to Chaos Computer Club, hackers increasingly band together to spring sophisticated …


This topic is closed for new posts.
  1. Zaphod.Beeblebrox

    So what you are saying is the white hats need to

    Stop, collaborate and listen.

    1. Anonymous Coward
      Anonymous Coward

      Re: So what you are saying is the white hats need to

      Is Ice back with a brand new mission?

      1. phear46

        Re: So what you are saying is the white hats need to

        Im not proud of knowing this, but I belive its invention, not mission. You probably already knew this and are deliberately pretending not to know so you can preserve some credibility.... Or you would be if not for being an ac!

      2. Anonymous Coward
        Anonymous Coward

        Re: So what you are saying is the white hats need to

        How are you going to fit in the bit about "rollin' in my five point o, with the rag-top down so my hair can blow"?

    2. Tank boy

      Re: So what you are saying is the white hats need to

      The problem is that up until now they haven't stopped. They just rolled by.

  2. dr2chase

    Keeping white-hat info unpolluted?

    It would be interesting to know how the white-hat teams aim to avoid eventual infiltration. OpenDNS is apparently open to almost anyone who cares to contribute; I went nosing around after a local "gay and lesbian choral group" found themselves blacklisted as if they were some sort of a porn site (because, you know, "gay" and "lesbian") . Near as I can tell, some of the "contributors" to OpenDNS are just running keyword-driven bots, and as soon as three or so of those agree, well hey, that's consensus, right?

    On some topics, these "contributors" had a false-positive rate higher than 95% (i.e., I reviewed 20 of their flagged websites, and all were wrong).

    1. Jess--

      Re: Keeping white-hat info unpolluted?

      if you get enough users checking each others work (i.e. set the same task to 10 people and compare their results) then you instantly have a fairly good method for getting the right answer, of course the more users you have the more likely this system is to work reliably (if 99% of your users are truly black-hat then you're screwed)

      over time you can use past performance to apply a weighting to each users result, i.e. fred bloggs has reported 85% of his tasks wrongly but john smith has reported 85% correctly, simplest method would be to say that before a decision is made there needs to be 1000 votes, John's vote counts as 85 but Fred's vote only counts as 15.

      in this way it becomes quite hard to game the system because the more somebody goes against the majority the less significant their vote becomes.

      1. David Pollard

        Re: Keeping white-hat info unpolluted?

        "If you get enough users checking each others work (i.e. set the same task to 10 people and compare their results) then you instantly have a fairly good method for getting the right answer."

        Presumably a similar method to ensure the "right answer" will be in use in the trial of Pussy Riot, and that the more such individuals "go against the majority the less significant" they become.

        As others have pointed out, in some situations hat colour depends on the viewer's political orientation.

      2. Irongut

        Re: Keeping white-hat info unpolluted?

        "if you get enough users checking each others work (i.e. set the same task to 10 people and compare their results) then you instantly have a fairly good method for getting the right answer, of course the more users you have the more likely this system is to work reliably"

        Because that approach works so well for Wikipedia.

    2. Mr Young


      I didn't know 'choral group'(s) had to declare their sexuality - learn something new every day etc

  3. Thomas 18
    Black Helicopters

    Black hats have more incentive to work together

    What with all being in the same office of MI5

  4. Anonymous Coward
    Anonymous Coward

    Wouldn't it be easier if some of the white hats joined the black hat party?

    It wouldn't be entrapment, and would provide some great intelligence on activity.

    Heck, it would even make a good film.

    1. Rusty 1

      Depending on the ratio of black hats to white hats, you'd get varying shades of grey. Possibly as many as fifty. Really might make a good film, if you like that sort of thing.

      1. Graham Marsden

        @Rusty 1

        Really would make a bad film if you know much about BDSM and understand that interest in it is not generally a result of childhood abuse (or that most people who are into it don't have mental health problems, see Secretary for details) and that a BDSM relationship needs communication and understanding of the participants limits and desires, let alone emphasis of the importance of safety and respect.

        (Sorry about the hijack, but 50 Shades of Drivel is giving a lot of people the wrong idea about BDSM)

  5. Anonymous Coward
    Anonymous Coward

    You think the whitehats haven't done already?

  6. Gazareth

    The Poster Who Was Thursday?

  7. Anonymous Coward
    Anonymous Coward

    Matt appears to be colour blind

    For someone supposedly well-connected, this piece is astonishingly provincial. Well, not that astonishing, given how his well-connectedness appears to end entirely when leaving silly valley, but I digress.

    Anonymous is more a moniker than an organisation, so isn't "well-organised" by any means. The CCC is an actual verein, a legal entity and everything, much like 2600 magazine is an actual magazine, with offices and everything. Oh, the CCC publishes a periodical too. Might as well paint everyone who reads either a "black hat". Or people who attend CCC meets, like the annual congress. Plenty of people who go there also end up on HOPE or on various other "infosec" congresses.

    Who's a "white hat" and who's a "black hat"? Apparently the only difference is whether you get paid and pay taxes on those proceeds. Maybe not even that. The real scum aren't hackers at all; the people doing the grunt work of actually exploiting, building botnets, filching low-hanging fruit, selling on the data, cashing, muling, that sort of thing. Very little innovative skill involved, but a lot of organising and making sure you don't get caught. Or maybe it's the people that build really big databases tracking all sorts of things, and then selling their big brother services to any government (the US by preference). Or, well, how many species of pig-or-man or man-or-pig do you want?

    Since Matt seems to get definitions entirely from press releases by companies selling "research" that really isn't worth the time to read it, I'll point out that the CCC puts out press releases too. And so does Anonymous, of sorts. See? White hats. Sorted. And next time, read a little more before you stick your foot in again, please.

    No, I'm no member or either, I don't particularly like them and they don't like me (I have that on file somewhere), but it still doesn't do to just jot down some base libel to glue together the weekly el reg deliverable from someone else's self-serving press releases gushing useless numbers and how relevant they are (not). Then again, maybe it's just Matt who lacks relevance. He dangles just below ceerow, after all. What, low blow? How so?

    1. Destroy All Monsters Silver badge

      Re: Matt appears to be colour blind

      Damn can't upvote twice.

    2. Mr Temporary Handle

      Re: Matt appears to be colour blind

      I quite agree.

      Another couple of issues he seems to have 'overlooked'.

      "What's in it for us?"

      For businesses this is perfectly understandable. They are not charities and running any kind of business is a damned expensive affair these days.

      For government bodies, NGO's and volunteer groups there is no such excuse. They are *supposed* to be sharing this information. It's the very reason for their existence in most cases. Yet they repeatedly hold back vital information in order to 'make the announcement' themselves.

      Part of the reason for this is that these organisations are often run by (and/or stuffed full of) academics who's standing amongst their peers is measured by the number of publications which carry their name.

      And then of course there is the appalling lack of social skills so prevalent amongst InfoSec 'professionals' at 'the sharp end'. In far too many cases these people are simply not capable of co-operating with others on technical matters. The "I'm right and you're full of excrement" Syndrome as I once heard it described.

      One case in point is our 'technical types' who have to be 'reminded' not to bring inappropriate items into the office on a fairly regular basis. Pointing out that it doesn't look very professional if a client comes in and half their desk is covered in a neat array of 'Action Figures' simply falls on deaf ears most of the time.

      1. Mr Young

        "appalling lack of social skills"?

        I haven't even got used to daylight yet! Long live technology - onwards and upwards etc. The client may actually not care about the Action Figures? Or you've got a hang up? Or the desk space is underutilised? Does what he get actually work...

        1. Mr Temporary Handle

          Re: "appalling lack of social skills"?

          I used the phrase 'Action Figures' for the benefit of American readers who wouldn't understand if I called them plastic dolls.

          But regardless of what you call them, it looks - and is - very unprofessional. These people are *supposed* to be adults.

  8. newro

    Chaos Computer Club

    CCC, most defiantly not black hats. The club is very open and has a huge member base. So yes, there are the occasional black sheep's. But from a public representation they are more on the white-ish side of things. They often get invited as expert witnesses, for example by the constitutional court.

    1. The Flying Dutchman

      Re: Chaos Computer Club

      If the CCC is categorized as "black hat", the so-called Bundestrojaner was supposedly an all-above-board white hat operation?

      1. newro

        Re: Chaos Computer Club

        No. But once we stop thinking in strict black and white terms, the really question is where on the grey scale they are. And I would argue that they are pretty much on the light end of things. They are very careful to operate within the law.

        For the Bundestrojaner, it was the government who broke the law, not the CCC. And at the conference 2 years ago, they actually obtained a license to run their own GSM network, so they can show how to hack it, as it would be illegal to hack an operational one.

        But overall, most of the active members are really more the old-school type of hackers with a soldering iron. I really loved the "Not your Grandfathers moon landing" oh, and there is also the laptop in space thing or Building a Distributed Satellite Ground Station Network - A Call To Arms

  9. Anonymous Coward
    Anonymous Coward

    Long prison sentences will reduce hacking

    You can't stop all hackers but you can put many of them in prison for a long time, which is PC correct vs. executing them, the more practical and logical solution. They certainly can't hack if they are dead.

    1. Knochen Brittle

      Give it up, Bryant

      ... you can't hide behind Anon whilst continuing to talk like the Pentagon's new Hillbilly Spambot in beta.

    2. Mr Young

      Re: Long prison sentences will reduce hacking

      OMG - I didn't break break the law today! Also - If everybody was in prison would the income tax take go down?

This topic is closed for new posts.

Other stories you might like