Monday, June 18, 2007

Smarter Policeman, Smarter Catch

I took some lumps over the weekend based on my previous comments about George Ledin's virus class at Sonoma State.

To clarify, my previous post about George Ledin's class was not in support of hiring virus writers, it was in support of hiring smarter virus *researchers*: i.e. the folks that police the Internet and keep us safe.

While I accept the premise that someone could potentially come out of one of George's classes and do something bad, my view is the very same possibility exists when someone exits gun-training at a police academy.

People predisposed to doing bad things will. Hackers don't need Ledin's course - they can already access everything they need to know about writing a computer virus from the Internet, or their local library, courtesy of the First Amendment.

From the standpoint of policing criminal activities, however, it is important to me that every virus researcher at Authentium is able to navigate and understand the broadest possible range of criminal strategies and techniques associated with online crime.

Virus writers tend to favor a particular approach when coding their threats. Virus research is a different game - as several experts have previously stated, virus researchers need to be able to analyze and react to a multitude of different techniques.

I think the approach George Ledin is taking has the potential to enable a broader understanding among his students of the various techniques in use, which in turn could enable a higher quality of analysis.

I fully accept this may not be the popular view, and that some of my colleagues may disagree with me, but I personally believe "the smarter the policeman, the smarter the catch", and I believe Ledin's hands-on approach to research could help create some "smarter policemen".

1 comment:

B-Con said...

I'm not sure why you'd get any heat for what you wrote about on the virus "trainees".

No one would protest a military bomb squad trainee learning how to build a dirtyish bomb with common elements found on base -- why would they protest a computer scientist learning out to design a virus?

I think it's because we, as a people, tend to think of computers as a deep, dark, mystical entities sometimes. Most people -- even people who *supposedly* should be in the know -- don't know how computer work, and anything having to do with "viruses", "worms", or "hacking" scares the bejeebers out of them. It's the classic, "I don't know anything about what I'm talking about, but I know that it sure *sounds* scary" approach.