back to article 'Hack Idol' to find top UK cyberwarriors

The UK government has launched plans to find the best young hackers through a talent competition. Would-be cyberdefenders will be rated on their abilities to thwart attacks and hack into websites. Winners will be offered courses by the respected SANS Institute and assigned mentors. University course and work placements also …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Alien

    Just don't 'demonstrate' on any US severs

    ... You'll be extradited before you can say 'I was only looking for UFOs'

  2. Chimpofdoom!
    Linux

    Would you...

    Like to play a game?

  3. The Original Ash
    Black Helicopters

    *Shifty eyes*

    <_< >_> <_<

    IT'S A TRAP!

  4. Anonymous Coward
    FAIL

    Criminal

    Why is this any different to doing a Car Theft idol or a Robbery Idol?

  5. Budley.Sama
    FAIL

    Pointless

    Surely this is going to attract the wrong people. Most people who would apply to this will be script kiddies and people with low to average skill, anyone with actual talent would avoid this kind of game show crap like the plague. The biggest skill in hacking is not getting caught so whats the point of asking all the hackers to step forward?

  6. I didn't do IT.
    Boffin

    A Complex System

    "a "complex system of water divining, Pagan ritual and astronomy to find the best hackers". "

    Atronomy? Though it was a contemporary of the other two (and still is, I might add), ASTROLOGY would be more appropriate to find a hacker out of today's script kiddies.

    <sigh> Script Kiddies are the sad result of everyone wanting everything handed to them nowadays.

  7. Andy Blackburn
    Thumb Down

    Err...

    What was that about having knowledge that could be used to assist terrorism?

    First prize: Go to jail, go directly to jail, do not pass go, do not collect £200.

  8. Anonymous Coward
    Anonymous Coward

    Age discrimination?

    Is this open to anyone or do the years of networks and systems administration and engineering one may have accrued count for nothing?

  9. Anonymous Coward
    Anonymous Coward

    hmm

    why do i suspect this will just be a contest of "who can take over the most test websites running crappy forum software using pre-made exploits"? that's the only way they'll get a decent number of people make it past the first stage...

    if they want people to help keep the countries important assets secure, they should come up with a set of typical online applications then give each contestant a server - whoever has all of those services online and secure the longest wins (obviously disallowing brute force DDoS attacks floowing the connection, which is just a factor of how much money you have to throw at bandwidth) - tests your ability to keep your service online, and as for the attacks they will come from other contestants wanting to take you down first :)

    i'd just delete all the crap code from indian outsourcing companies that they provide and re-write the services following standard security practices, win by default :) it's not hard to secure servers...

  10. David 39

    By Anonymous Coward Posted Monday 12th October 2009 15:43 GMT

    Why disallow brute force, surely the first step to security is a strong password that cannot be brute forced

  11. Anonymous Coward
    Thumb Up

    "complex system of water divining, Pagan ritual and astronomy to find the best hackers"

    Hell, put THAT on TV - I'd watch it.

    And to I didn't do IT - it'd be far more fun with them trying to use astronomy than astrology!

  12. Carter Cole
    Black Helicopters

    i would so be part of the american version

    so when yall dudes at the network are looking for american contestants for the tv show id love to be part of it

  13. Graham Marsden
    WTF?

    Entrapment...?

    Hmm, so how many people are going to put their names forward and then find themselves being investigated and arrested for hacking?

    Chairman Mao's "Hundred Flowers" campaign comes to mind where dissidents were encouraged to speak out against the Chinese Communist Regime and were then rounded up and sent to "re-education camps"...

  14. Peter2 Silver badge

    @ David 39

    David,

    The reason the previous poster said you'd disallow brute force DDoS (Distributed Denial of Service) attacks is because it prevents external access by flooding the connection to the server with traffic so genuine access requests can't get to it. It doesn't actually do anything to the server like guess the passwords etc.

    Peter

  15. Anonymous Coward
    Anonymous Coward

    @David 39

    Nope, first step to security is knowing who should have access. Then you define what type of access the various authorised users should have. Then you figure out what possible routes unauthorised persons could use to access the system and secure those routes. This will include a password- so it's probably nearer step 5 when you start thinking about how to circumvent the precautions you've put in place and how to stop people doing just that.

  16. Anonymous Coward
    Happy

    @hmm

    or you could just use OpenBSD

  17. Anonymous Coward
    Anonymous Coward

    DDoS

    @ David 39

    Brute force DDoS has nothing to do with brute force password hacking - I think AC means brute force as in huge amounts of data vs. DDoS with more clever constructed packets.

    If this was the real means of competition then no methods of takedown should be disallowed apart from those which are illegal e.g. using compromised machines which you don't own - this would effectively mean DDoS = <25 machines.

    Most DoS attack types use exploits on the server/hardware in the same way as conventional hacks and a simple bandwidth flood from a limited number of IP addresses can be protected against.

  18. Pete 2 Silver badge

    limited shelf life

    These young hackers might be at the top of their game when they're discovered (though the truly good ones will probably stay off the radar), they won't remain top notch hackers much past the time they discover girls (or boys).

    Though I can't help feeling that this programme will select people the same way The Apprentice selects barrow-boys (and girls) and called them executives.

  19. Evil_Dave83
    IT Angle

    I'd argue your phrasing, Robert

    Crap films and lazy reporters regularly tell us that the proper term for these skills is cracking, not hacking. IT pro's of the world unite and petition for this show to be given its 'more accurate' name: Crack Idol.

  20. Al fazed
    FAIL

    F*ck' dickhead

    Without stating the bloody obvious, this clever idea assumes that no person of Afghan, Pakistan, Lebanon, Rumania, China, etc, need apply.

    Which leaves not a lot of wh*te *nglish m*les to choose from, as most of the computing students at uni, as far as I can remember, were not in this category.

    Sorry folks, but this sounds like another recipe for disaster dreamt up by some connected wanker who should be disconnected before he hurts someone.

  21. Anonymous Coward
    FAIL

    And the winner is..

    goatse

    probably more bragging rights and/or cash just hacking the competition. If this gets televised or PR companies behind it, $deity help the 'quality' of the entrants.

  22. Anonymous Coward
    Anonymous Coward

    I assume...

    ...the winners be pre-emptively extradited to the US to avoid any unfortunate newspaper campaigns?

  23. fyle
    Jobs Horns

    narf

    *beep*

  24. Anonymous Coward
    Coat

    Hack Idol was run last year...

    ...but one contestant hacked in and erased all the results, so you won't have heard of it...

  25. John Smith 19 Gold badge
    Happy

    hacked the scoring system

    Neat idea.

    So how good would he have been if he had,nt upped his score?

  26. Anonymous Coward
    Anonymous Coward

    4chan will be all over this

    'nuff said.

  27. lukewarmdog
    Badgers

    h4ck'd

    DDoS is a perfectly acceptable way of keeping out the competition.

    Less obvious may be redirecting would-be competitors to a copy of the site and being the only contestant on the real site.

    If the winners aren't arrested they'd be prime targets for offshore organisations interested in cyber infiltration.

  28. TeeCee Gold badge
    Alert

    What should really happen.

    Right at the death, as the assembled skiddies wait with bated breath for the host to announce the winner, the screen will go dark.

    All digitally stored footage of the competition will mysteriously disappear to be replaced with porn, mostly involving animals. All the contestants, the presenter, the producer, the director and anyone else involved in the series will find that they have no money, are several months behind on their mortgage/loan payments and have enough outstanding warrants against them to keep them busy answering difficult questions for a while. All will also be on everyone's "no fly" list, with a special appearance by the producer on the "top ten most wanted" lists of the FBI, SOCA and Interpol as a suspected arse-bomber and peadophile to ensure that any post-arrest cavity searches are conducted remotely using a bomb-disposal robot run by a deliberately careless operator.

    No matter how hard he tries, Bruce Willis will not be able to find out who did it.

  29. DPWDC

    Simpsons

    Any one else getting visions of that simpsons episode where homer goes to the police station to get his free speed boat?

This topic is closed for new posts.

Other stories you might like