No. 1 Story

Technology reinforces generation gap

If you believe that technology could be bridging the generation gap, think again. According to Deloitte’s first State of the Media report it’s as stark as ever.

read more

Related Articles

Adoption of cloud computing has reached a tipping point  - but don’t expect legacy...
In yet another blow to the Facebook IPO this week, following the withdrawal of...
Recruitment technology and social media have played a significant role in growing business in...
Those elusive pocket monsters, the Pokémon are becoming more numerous.  Nintendo announce two new...
Want a free trip to E3 Expo? Microsoft's looking for an 'Xbox Insider.' Microsoft Australia...

Learn how to write your own malware

Your IT - Home IT

It quoted a philosophy professor, John Sullins, who was working with Ledin on the ethical perspective of the course as comparing learning about malware to learning a martial art. "Ledin's class provides students with an uncommon opportunity to learn" Sullins said "not only how to react and defend against malicious computer programs, but also how they are used and the logic behind their construction."

Perhaps most telling, Sullins claimed that "Ledin is like a sensei in a virtual dojo, he not only instructs his students in the nuts and bolts of the creation of malicious software, but he also guides their understanding of when one should, and shouldn't, use the skills they are learning in his class."

Ledin himself is adamant that his students are not in it to cause harm, and cannot do so anyway as they work within a totally sand boxed environment meaning there is no danger of their experiments leaking out into the wider networked-world.

And anyway, why the big fuss? The course has been running for some time now and was not even the first of its ilk. As far as I am aware that honour goes back to 2003 when the University of Calgary announced plans for a Computer Viruses and Malware course.

At the time, the then global director of education for security vendor Trend Micro, David Perry, said "Why not have classes in hacking? Why not have classes in all kinds of malicious computer activity? You don't send somebody out to shoot someone so they understand what happens when somebody gets shot."

No, but you do train policemen and soldiers in how to use a weapon, and they do train for shooting people in highly realistic simulation environments. Very little difference, in actual fact, from teaching the mechanics of malware within a safely sand boxed lab.

Not that this cuts the mustard with security vendors, most of whom simply do not employ anyone with a history of creating malicious code as a matter of policy. And that, it seems, would include doing so at college...