Breaking News
Comments
Newest First | Oldest First | Threaded View
Page 1 / 5   >   >>
junko.yoshida
User Rank
Blogger
Re: "Discoverey" has a lot to do with it
junko.yoshida   11/7/2013 3:35:10 PM
NO RATINGS
Indeed. That's a great point. Most of our readers confessed how they grew up tearing things apart. So, in that sense, "hacking" could be described as the genesis of engineering. 

Duane Benson
User Rank
Blogger
"Discoverey" has a lot to do with it
Duane Benson   11/7/2013 3:32:50 PM
NO RATINGS
Hacking (by my definition) is a lot about understanding how things work and how to make thinge operate in new, different or more efficient ways. Part of that understanding can come through taking things apart.

That leads to a question: Of all of the engineers that you know, how many took things apart when they were kids? Most that I know took apart radios, clocks, televsions, anything with a motor, etc.

If that doesn't show the hacker mindset, I don't know what does.

slomobile
User Rank
Rookie
Same
slomobile   7/31/2013 6:45:53 PM
NO RATINGS
When they are good, an engineer and hacker are exactly the same thing.  If differences exist between what a person does and either definition:

then the hacker has not yet reached his potential

or the engineer is having his potential limited by management.

The problem with the specific example given is not that a fundamental difference exists between hackers and engineers; but that anyone that has spent a great deal of time and effort perfecting something will be blind to certain faults.  If you just spent a month making a system as secure as you are able, and then you are given a day to "think like a hacker" and try to find ways to circumvent your own security, you will fail to breach your own system because you have already fixed all the exploits you can think of.  The solution is to get a fresh set of eyes performing security tests, someone without a vested interest in the success of the device.  

Bert22306
User Rank
CEO
Re: It's in the discipline
Bert22306   7/29/2013 5:23:11 PM
NO RATINGS
"Because engineers and attackers are no different in terms of their ability to think analytically, are they having no problems in playing interchaneable roles?"



The way I would put it is simply that network security is a discipline that becomes increasingly important as more things are interconnected. But there's nothing new or different in this. Engineering has always had to deal with innovation. That's what it's all about. When I went to school, Ethernet was just being born and Internet Protocols did not exist yet. Now packet-switched networks and internetworking are a major discipline.

Cybersecurity is a relatively new field just like digital electronics and solid state electronics were new a few decades ago. With cybersecurity, the problem is not that engineers can't think that way. The problem is that it's a constant battle. Then again, what's new about that? Isn't this always the case? E.g., with faster and faster chips, aren't we similarly having to solve and re-solve problems of heat, of pulse rise times, of latency in interconnects? With cybersecurity, you're similarly having to re-solve problems, as new vulnerabilities emerge.

Tom Murphy
User Rank
Blogger
Re: It's in the discipline
Tom Murphy   7/29/2013 5:13:57 PM
NO RATINGS
I totally agree with Bert and Frank on this. The term "hacker" was hijacked by the media some time ago and redefined as someone with malicious intent. But as far as I'm concerned, it's just a slang term for "hacking" code in the same way that "hacks" is sometimes used to (mostly as an insult) to define journalists or marketers who'd do anything for a buck.  

In fact, there's a large national meetup group called "hacks and hackers" that includes engineers and journalists who are looking to apply innovative technology to advance journalism. In that context, neither side draws offense at the term, and the group's intent is absolutely positive.

Frank Eory
User Rank
CEO
Re: It's in the discipline
Frank Eory   7/29/2013 4:45:35 PM
NO RATINGS
Well said Bert. I don't really understand all the fuss, regardless of which definition of "hacker" is meant. Engineers sometimes fly by the seat of their pants and "hack" quick and dirty solutions to problems, and certainly some engineers are criminals -- or could be if they wanted to be. Ironically, it wasn't that long ago that EE Times had an article about infamous engineer-criminals -- but those guys were violent types, not malicious intruders of networks.

I also like your point about how engineers have always had requirements to make their designs foolproof, temparture-proof, etc. Actually, "proof" is too strong a word -- "resistant" is more accurate. In any case, if your next design happens to included network connectivity, you simply add hacker-resistant to that list.

junko.yoshida
User Rank
Blogger
Re: It's in the discipline
junko.yoshida   7/29/2013 4:43:09 PM
NO RATINGS
no, my point wasn't really about defining what an engineer is and what he is not. 

I didn't mean to pigeon hole any of the engineers. 

But I was simply responding to the original off-hand comments made by a Freescale executive about automotive security. How are engineers working at those companies (and I am talking about those who have not been necessarily hired as security experts) responding to the rising needs of "thinking like attackers"?

Because engineers and attackers are no different in terms of their ability to think analytically, are they having no problems in playing interchaneable roles?

Or, are some chip companies beginning to hire security experts to find security holes in a system to which they supply their chips?

Bert22306
User Rank
CEO
Re: It's in the discipline
Bert22306   7/29/2013 4:29:20 PM
NO RATINGS
Junko: "Does anyone here work for a coporate environment in which you are encouraged to let your hair down and think like 'attackers' in your engineering projects?"

Honestly, too much is being made of this. Too narrow of a definition, too much unsubstantiated differentiation of categories of people. Like Duane said, the defintion of "hacker" used in this article is that of a criminal. Not the experimenter or the quick-fixer, as it was previously meant. Engineers can also be criminals, if it comes to that.

Part of good engineering design has always been to make the product as fool-proof, idiot-proof, temperature-stable, voltage variation tolerant, and any other kind of "proof," to make the product as robust as possible, operating in its intended environment, within cost constraints. Defense against criminal attacks has to be included along with all the other defense mechanisms. And of course new pathways for criminals, never mind just plain old bunglers, become possible, the more interconnected a product is.

Engineers have always been taught these things, even if the narrow focus on hacking into a system via its network connections is a relatively new twist. Look at all the security updates you get with Windows OSs. It's an ongoing problem. The more a product is designed for convenience, the more pathways are created that can be abused, the more new measures have to be devised to protect the system from intentional OR unintentional intrusion.

For example, remotely installed software updates in a digital control system are convenient, but create pathways for abuse. EXACTLY THE SAME WAY thet the OBD-II system is convenient, and creates pathways for abuse.

Let's not put too much of a fine point on "what an engineer is" and "what an engineer is not."

Susan Rambo
User Rank
Blogger
Re: Hackathons on the rise
Susan Rambo   7/29/2013 3:08:05 PM
NO RATINGS
Hmmm. We could consider the Manhattan Project was a big hackathon and, depending on your point of view, the scientists were either malicious hackers or the kind in the white hats.    (Of course, that kind of hackathon is not welcome at DESIGN West.) 

Tom Murphy
User Rank
Blogger
Re: It's in the discipline
Tom Murphy   7/29/2013 1:53:53 PM
NO RATINGS
Duane: I also agree with your insight that the hacker mindset suffers inside large corporations.  One of the things that amazed me about Steve Jobs' leadership at Apple was that he kept that alive as the company grew.  I can't think of another innovator (or hacker in this context) who achieved that at another company of comparable size.

This begs the question: Who do you think is the greatest living hacker/innovator/inventor who is in a leadership role within any major company, worldwide?

Page 1 / 5   >   >>


EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Glen Chenier

Engineers Solve Analog/Digital Problem, Invent Creative Expletives
Glen Chenier
4 comments
An analog engineer and a digital engineer join forces, use their respective skills, and pull a few bunnies out of a hat to troubleshoot a system with which they are completely unfamiliar. ...

Max Maxfield

What's the Best Traveling Toolkit?
Max Maxfield
23 comments
A few years ago at a family Christmas party, I won a pocket knife as part of a "Dirty Santa" game. This little scamp was a Buck 730 X-Tract. In addition to an incredibly strong and sharp ...

Rishabh N. Mahajani, High School Senior and Future Engineer

Future Engineers: Don’t 'Trip Up' on Your College Road Trip
Rishabh N. Mahajani, High School Senior and Future Engineer
10 comments
A future engineer shares his impressions of a recent tour of top schools and offers advice on making the most of the time-honored tradition of the college road trip.

Larry Desjardin

Engineers Should Study Finance: 5 Reasons Why
Larry Desjardin
42 comments
I'm a big proponent of engineers learning financial basics. Why? Because engineers are making decisions all the time, in multiple ways. Having a good financial understanding guides these ...

Top Comments of the Week
Flash Poll
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)