We Need Hackers and We Need Them Yesterday


(image credit: American Free Press)

Until very recently, US policy has been to treat hackers much like terrorists. This is terribly unfortunate for the US at large, since the talents these hackers posses can be directed toward protecting US governmental and corporate interests. But our government insists on treating all hackers as dangerous. Why? Policy makers have a lack of working knowledge of computer science and security. And the unknown is always a scary thing. The result? We have stunted the growth of prospective computer science and security experts and developed a counter-culture of irresponsible hackers. As you may have noticed in recent headlines, we increasingly tracing large-scale hacking attempts to foreign governments. We need thousands of our own hackers, and we need them yesterday.

It is hard to keep ahead of advances in technology, but computers have been ubiquitous for nearly thirty years. Today, even our phones are hand-held computers. We are more likely to stay in touch with our family and friends via computer than by phone or postal letters. There is no reason for current policy makers to view those talented at manipulating these devices as an automatic threat. And since computing and network connectivity have become so commonplace, security exploits have more far-reaching effects.

Colleges and universities have shown an unwillingness to teach students how to take advantage of programming security weaknesses. The closest correlate I could draw to this sort of fear is that the US refuse to train any more special forces, for fear that they would get loose and run amok on our city streets. The sad result of this sort of shortfall is that hackers train themselves, and those hackers often have something to prove, instead of seeking the rewards we all seek in our own careers.

Another fault lies in the fact that computers have become incredibly easy to use. We now have “intuitive” interfaces (Windows, OSX, iOS, Android, etc.) with high levels of abstraction. At first, computers had very low levels of abstraction. We had to send information bit-by-bit to allow computers execute commands. That required a high level of knowledge – everyone who used computers had to be a hacker. Later, programming languages moved into common use. This allowed a higher level of abstraction, and you had to learn a programming language to manipulate computers. Now, working with a computer requires almost no fundamental computing knowledge – the highest level of abstraction in computing so far. All we need to do is touch, or click, or type a request in our own language and we get the results we expect.

As a result of this simplification, we have fewer people in the US who are developing fundamental computing and security skills. Computer science programs in US colleges and universities are seeing fewer and fewer entrants to their programs and those who do enter often have no previous programming experience. High school programs designed to prepare students for a major in computer science often only include a some HTML development (website development), but little to no instruction in programming languages. Some institutions have pegged a 70% decline in computer science course entry at the college level since the 1990s. There is little to no encouragement to pursue this sort of career path in the US, and hackers most often learn on their own as a hobby, rather than learning coding and computer security skills through a formal education. Representatives from the NSA have stated that almost all the people they recruit started their hacking career with no formal computer science training and were self-taught. And then we bring the hammer down on these people when they attempt to exhibit their skills in public.

The NSA, DHS (Department of Homeland Security) and CIA have recently hosted a national hacking competition, but there were only three hundred participants. Three hundred! That so few talented hackers attempted to solve the puzzles presented by our government in a competition is astounding. We literally need thousands more to protect US and corporate interests. There are informal annual hacking conventions (DEFCON/Black Hat, in Las Vegas, for one), but the participants are generally the kind of people who are not interested in working with governmental or corporate interests. In fact, many have had run-ins with government and tend to look at any organization outside of their own with contempt and apprehension.

Don’t get me wrong, the NSA hiring hackers from DEFCON to protect against internal threats has its merits. But national governments around the world are sponsoring hacking efforts against the US. We are years behind this kind of recruiting, organization and training. And we are that far behind because we have cultivated a hacker-phobic culture instead of encouraging those skills in a productive environment.

While we may currently be able to defend against or react to these kind of government-sponsored attacks, defense cannot be the only strategy to keep our information and systems safe. Even when we can trace an attack directly to China or North Korea or Iran, we often do not have any means of proving guilt or petitioning an international regulatory body to exact penalties for the attack(s). I suggest that we need to be able to field our own hacking resources, an army if you will, to keep others occupied with our exploits against their systems. Perhaps one of the most effective ways to keep international hackers busy is to take the fight to them – to keep them occupied in protecting and defending themselves. We don’t do that yet, even if Hollywood might want you to think we do. Certainly not on the scale we need to.

So, the answer really comes down to two points – we need to stop marginalizing talented hackers in the US, and we have to start encouraging interest in computer science and security in our youth. Hacking is a valuable talent that we desperately need to protect our interests. Other countries have a years-long head-start on us, and if we want to continue to be able to protect our information and systems in the future, we have to get cracking. I’m doing my part – I have purchased a Raspberry Pi to introduce my son and daughter to programming. I hope they will have an interest in how a computer works, but at the very least they will be more informed users in the future and better able to protect himself. Let’s hope we encourage additional talent before we lose our valuable information to other countries. Our stability may very well depend on it.

Decline in computer science majors in the US: http://ars.to/MZEpCS

From where are hackers attacking?: http://gtnr.it/10qIkjI

The NSA recruits hackers, but what about other federal agencies?: http://bit.ly/LIlKrv

Edit 5/25/2013, Additional hacking attempts at US utility companies: http://bit.ly/12THKtk


English Is Dying And Blogs Are To Blame

Male teacherI don’t know if you’ve noticed, but the mere existence of blogs seems to be killing written English. Lack of appropriate capitalization, lack of references and incorrect spelling have become my new pet peeves. There are a number of reasons for this and, while it might be particularly distracting for me, why should you care?

We all rely on communication more than we think in the internet age. While it may seem counter-intuitive, blogging (especially tech blogging) is becoming a young-people’s sport. How many of you who are reading this have children whose class projects include maintaining a blog, when you don’t even have one yourself? Don’t worry, it is pretty common. The best instructions I got for installing Ubuntu on my MacBook was from a YouTube poster who couldn’t have been older than twelve.

My second daughter (now leaving her undergraduate career and launching herself into the competitive illustration field) initiated her first blog when she was in high school. Educationally, her high-school allowed her to focus on art. She now has three blogs (one art-focused, one personal, and one shared with another writer). Like many her age, she viewed English as a hill to climb and not a golden ticket to greater opportunities. She complains about the necessity of writing classes in her art degree, yet writes new public material nearly every week.

Now I worry for her. How will she present herself to her prospective clients? Will it be from the standpoint of someone who has not yet mastered basic written grammar, or will it be an excellent first impression? Because, really, those are her choices.

Much of her art-based work will be reviewed online. Her art blog is public and will reflect on her publicly. Spelling (contextual or otherwise) could reflect badly on her. Would an ad agency be interested in excellent art from an artist who can’t spell or distill an essay down to a sentence or key phrase? All anyone has to do is read a few of her posts to get a first impression of her. The same will go for you and/or your children. Pandora’s box is open. Whether you’re looking for more hits or paying clients, your online writing could be the only impression anyone will ever get of you.

So, beyond the arbitrary daughter examples, what makes me think the written English word is dying?

  • Spelling doesn’t count – remember that guy who always asked in science class if spelling counted? Well, it does. But check any blog, YouTube video (especially the comments) or forum post. Unless it’s an English-centric post, the spelling will be atrocious. Especially the contextual spelling (words that are spelled correctly, but used in the wrong context. Think “your” and “you’re”). Spell-check doesn’t cut it. You have to be sure the word belongs there, even if it is spelled correctly.

  • Disgust with corrections – I have often tried to let people know that they spelled something wrong or used the wrong word in a response that could have led to confusion. Tried to be nice. Tried not to be a nudge. Normally the response goes something like this: “Who the (expletive) cares? This isn’t English class.” And I am not the only one who seems frustrated by this linguistic indifference – I see others out there offering helpful suggestions and they get shot down nearly all the time. We’re not butt-hurt. We’re trying to help you.

  • Writers are damn young these days – Like my daughter, a huge number of bloggers are starting off young. They are not getting their cues from their English teacher, they are getting them from other bloggers they follow. Now everyone is a role model. My daughter is inspiring other art writers just by existing on the blogospehere. Don’t be a bad role model.

  • Editing is a skill – one of the best things an English teacher ever told me was to let my writing go. Sound a little too Zen-Buddhist? Let me explain. The worst time to finish a paper is when your ideas are flowing. That’s the time to write, certainly. But not the time to publish. When you’ve gotten everything out, take a break. Hide your written words somewhere and go fishing. Come back two days later and say to yourself “WTF did I just write? I wrote that?” That’s when good editing can happen. The first draft is usually not the best draft, but it is the one most frequently published online. Remember someone, maybe many someones, is going to read your work.

Am I the best writer in the world, or the most expert in English? Do I always produce a written English opus? Certainly not. But, if I do have two areas of expertise, they would be English and PC repair. Heck, I got my English degree from a pretty good school known for producing excellent writers. Spelling does matter. Using the correct “your” or “you’re” in context is a very good idea. I still have my copy of Strunk and White’s “Elements of Style.” So should you, friend blogger.