Dailydave mailing list archives

Science? (WAS: Hacking's American as Apple Cider)

From: Barrie Dempster <barrie () reboot-robot net>
Date: Wed, 21 Sep 2005 11:16:45 +0100

On Tue, 2005-09-20 at 22:17 -0400, Jason Syversen wrote:

Hacking is the art/science of analyzing hardware/software systems to
find vulnerabilities... cracking is the practice of exploiting those
vulnerabilities to compromise systems... cracking, or the act of
providing "material support" is the problem, not the R&D areas of
vulnerability analysis, proof of concept implementation, or publishing
findings. Perhaps the two are getting confused.



FWIW I agree with your points in the email listed above, but would like
to take you up on the "art/science" view. Since this is off-topic of
the thread and a personal opinion that I've debated with
friends/colleagues I've taken it to a new thread.

Art I won't contend, it is very subjective and anything can be art,
even if it is primarily science or engineering that is behind the work.

I'm of the view that "computer _science_" does not exist, as most of it
is just applied mathematics. Hacking I'd term as research but not
scientific as any science behind it falls back to pure maths or more
specifically poorly understood maths. For example, a buffer overflow is
a mathematical failure, the coder fails to understand (or ignores!) the
mathematical implementations of their code, allowing it to be exploited.

Would you agree? Or do you have any points that paint computers/hacking
as a science. As far as I can see any endeavour in these fields falls
into another science or in the case of things like software development
they become an implementation of science which is then engineering. (I'm
not saying hacking is engineering)


-- 
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

blog:  http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca:    https://www.cacert.org/index.php?id=3

Attachment: signature.asc
Description: This is a digitally signed message part

Attachment: smime.p7s
Description:

Current thread:

RE: Default Deny on Executables, (continued)
- - - RE: Default Deny on Executables El Nahual (Sep 14)
    - Re: Default Deny on Executables miah (Sep 14)
    - Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
    - RE: Default Deny on Executables El Nahual (Sep 14)
    - Re: Default Deny on Executables Dave Aitel (Sep 14)
    - Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
    - Re: Default Deny on Executables Joel Eriksson (Sep 14)
    - Re: Default Deny on Executables Blue Boar (Sep 14)
  - Re: Re: Hacking's American as Apple Cider Marcus J. Ranum (Sep 20)
    - Re: Re: Hacking's American as Apple Cider Jason Syversen (Sep 20)
    - Science? (WAS: Hacking's American as Apple Cider) Barrie Dempster (Sep 21)
    - Re: Re: Hacking's American as Apple Cider pageexec (Sep 21)
    - Re: Re: Hacking's American as Apple Cider Marcus J. Ranum (Sep 21)
    - Re: Re: Hacking's American as Apple Cider I)ruid (Sep 23)
    - Re: Re: Hacking's American as Apple Cider byte_jump (Sep 23)
- Re: Re: Hacking's American as Apple Cider Jeremy Kelley (Sep 12)
  - RE: Re: Hacking's American as Apple Cider Paul Melson (Sep 12)
- RE: Re: Hacking's American as Apple Cider surreal (Sep 10)