[FoRK] [IP] more on Rejected Harvard applicants say school's reaction to Web page "hack" excessive (fwd from dave@farber.net)

Ken Meltsner meltsner at gmail.com
Fri Mar 11 12:30:11 PST 2005


On 11 Mar 2005 11:20:15 -0800, Karl Anderson <kra at monkey.org> wrote:
...
> Hacker, cracker, and phreaker texts have always emphasized social
> engineering.

Hacker was originally used to describe avid amateur participation --
earliest nerd usage was to describe model railroad aficionados at the
Tech Model Railroad Club (TMRC).  It migrated over to computer
enthusiasts and continued to mutate as all good words should.

In movies and TV, there are always technical ways into systems.  I
think most viewers would be disappointed (and upset) that most hackers
use techniques that are less technically advanced than Jim Rockford's
("Rockford Files" for the younger/non-U.S. FoRK readers) business
cards, created as needed on a tiny printing press.

We need better Web development tools that do not maintain important
state (e.g. user identity information) in editable URLs.  Heck, even
the addition of an MD5/SHA-1 hash of the theoretically immutable
parameters +  a secret would allow you to detect when someone had been
URL-editing without incurring the cost of maintaining session state on
your server (idea first seen in an AT&T secure inbound reverse proxy
server).

Ken Meltsner


-- 
Absolute power corrupts absolutely, but model train sets do a pretty
good job as well

-- 2/28/05, in an odd dream
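
The tamper-detection idea in the message above, as an added example that is not part of the original post. It uses HMAC-SHA-256 in place of the bare MD5/SHA-1 "hash of parameters + secret", because HMAC is the standard keyed construction and is not exposed to length extension the way a secret-prefix hash is. The names `SECRET`, `SIG_PARAM`, `sign_url`, `verify_url` and the sample URL are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

SECRET = b"constructed-demo-secret"  # assumption: server-side key, never sent to clients
SIG_PARAM = "sig"                    # hypothetical name for the tag parameter


def _tag(path: str, params: list[tuple[str, str]], secret: bytes) -> str:
    # Canonical form: path plus sorted, re-encoded pairs. Reordering parameters
    # is harmless, but changing a name, a value or the path changes the tag.
    canonical = path + "?" + urlencode(sorted(params))
    return hmac.new(secret, canonical.encode(), hashlib.sha256).hexdigest()


def _split(url: str):
    # Separate the tag(s) from the parameters that the tag protects.
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    sigs = [v for k, v in pairs if k == SIG_PARAM]
    params = [(k, v) for k, v in pairs if k != SIG_PARAM]
    return parts, params, sigs


def sign_url(url: str, secret: bytes = SECRET) -> str:
    """Return the URL with a tag over its path and query parameters appended."""
    parts, params, _ = _split(url)
    tag = _tag(parts.path, params, secret)
    return urlunsplit(parts._replace(query=urlencode(params + [(SIG_PARAM, tag)])))


def verify_url(url: str, secret: bytes = SECRET) -> bool:
    """True only if the path and parameters are exactly what the server signed."""
    parts, params, sigs = _split(url)
    if len(sigs) != 1:  # missing or duplicated tag: reject
        return False
    expected = _tag(parts.path, params, secret)
    # Constant-time comparison; bytes avoids a TypeError on non-ASCII input.
    return hmac.compare_digest(sigs[0].encode(), expected.encode())
```

The server keeps no per-user session state, only the secret. A valid signed URL still works for anyone who obtains it, so the tag detects editing but does not replace authentication or expiry.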

