Should Hackers with Asperger's Syndrome Be Hired?

  • Thread starter Thread starter rhody
  • Start date Start date
  • Tags Tags
    hackers
Click For Summary

Discussion Overview

The discussion revolves around the hiring of hackers with Asperger's Syndrome, exploring the potential link between Asperger's and hacking, as well as broader implications regarding cybersecurity and malware. Participants share various perspectives on the characteristics of hackers, the nature of cyber threats, and the effectiveness of current security measures.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Exploratory

Main Points Raised

  • Some participants reference a video discussing the high incidence of hackers with Asperger's Syndrome, suggesting it raises questions about stereotyping.
  • One participant expresses interest in data linking hackers to other forms of crime, questioning whether hackers are more likely to commit different types of offenses.
  • Concerns are raised about the effectiveness of companies in detecting cyber intrusions, with one participant citing statistics about undetected breaches and the need for proactive security measures.
  • Participants discuss a significant breach affecting MasterCard and Visa, highlighting the delayed detection of such incidents and the implications for consumer security.
  • There is mention of a commentary by Dr. Regina Dugan regarding the strategic challenges posed by emerging cyber threats, suggesting a divergence in response strategies.
  • Several posts address the vulnerabilities of Apple’s operating system to malware, particularly focusing on Java-related security issues and the misconception of Macs being immune to infections.
  • Participants speculate about the potential for Java-based malware to affect other operating systems, such as Linux, and discuss the implications of botnets.
  • Instructions for detecting and removing malware are provided, along with suggestions to uninstall Java as a preventive measure.
  • There is a discussion about the evolving landscape of software exploitation, with Adobe being noted as a current target for cyberattacks.

Areas of Agreement / Disagreement

The discussion contains multiple competing views regarding the implications of hiring hackers with Asperger's Syndrome, the effectiveness of cybersecurity measures, and the vulnerabilities of different operating systems. There is no consensus on these issues, and participants express a range of opinions and concerns.

Contextual Notes

Participants express uncertainty about the reliability of sources and the accuracy of claims regarding security breaches and malware. There are also limitations in the data presented, particularly concerning the link between hacking and other criminal activities.

rhody
Gold Member
Messages
680
Reaction score
3
Last edited by a moderator:
Computer science news on Phys.org
Thanks rhody! I would like to see if there is any data linking hackers with other forms of crime. Is a hacker more likely to commit a different type of crime.
 
Now, this is really sobering...

U.S. Outgunned in Hacker War
Testimony Monday before a government commission assessing Chinese computer capabilities underscored the dangers. Richard Bejtlich, chief security officer at Mandiant, a computer-security company, said that in cases handled by his firm where intrusions were traced back to Chinese hackers, 94% of the targeted companies didn't realize they had been breached until someone else told them. The median number of days between the start of an intrusion and its detection was 416, or more than a year, he added

and... (my words in the next paragraph)
to address what is stated above... imagine having your credit card, medical history, credit history, etc... info compromised for over a year and no one knew about it.

He added that companies need to do more than just react to intrusions. "In many cases, the skills of the adversaries are so substantial that they just leap right over the fence, and you don't ever hear an alarm go off,'' he said. Companies "need to be hunting inside the perimeter of their network," he added.

Rhody...
 
As if I needed to underscore undiscovered breeches, http://www.reuters.com/article/2012/03/30/us-mastercard-breach-idUSBRE82T0VD20120330
MasterCard's announcement comes after a report on a blog called Krebs on Security said that both MasterCard and Visa Inc have been alerting banks across the U.S. about a "massive" breach that may affect more than 10 million cardholders.
Interesting that the Krebs on Security Blog released this information, which needs to be verified as true or a hoax. The scary part is the length of time these breeches can take before being discovered. One would logically think that most credit card hanky panky would be detected right away though.

Rhody...

P.S.. Background on Brain Krebs, founder of the Blog.
 
Interesting commentary, by Dr. Regina Dugan, DARPA Cyber Colloquium, eye opening, and startling. January 2012.

She believes we are losing ground because we are "divergent" (14:30 and on) from the emerging threat. This divergence are the seeds of strategic surprise.

Rhody...
 
Hah, I just checked someone's twitter account, and it was down, that is a first...

Are the bad guys up to new tricks ? Have to check the news tomorrow.

Rhody...
 
All you Mac users who used to think Apple's OS was safe from infection, not so, this http://blogs.computerworld.com/19989/biggest_apple_botnet_discovered_600k_macs_infected?af takes advantage of Java, specifically:
...of a weakness in Java SE6...CVE-2012-0507

I can’t stress this point strongly enough: If you don’t need Java, remove it from your system. ... Apple maintains its own version of Java, and [is] unacceptably far behind Oracle in patching critical flaws. ... [Its] lackadaisical...response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware.

and...

Despite what Apple...would have you believe, Macs are not invulnerable...malware targeting OS X does exist. ... [The] operating system isn't a panacea when it comes to security - only less targeted. Until now.
...
[If] accurate, such a large infection rate on Macs may change common perception of OS X as "virus-proof."
The insidious nature of this infection is that it can go for quite some time before being detected. Nice... Is your Apple system an unwitting "Zombie", waiting to be used as an unwitting source to be used in an attack on other computers or websites ? See: botnet.

Rhody...
 
Last edited:
rhody said:
All you Mac users who used to think Apple's OS was safe from infection, not so, this http://blogs.computerworld.com/19989/biggest_apple_botnet_discovered_600k_macs_infected?af takes advantage of Java, specifically:


The insidious nature of this infection is that it can go for quite some time before being detected. Nice... Is your Apple system an unwitting "Zombie", waiting to be used as an unwitting source to be used in an attack on other computers or websites ? See: botnet.

Rhody...

Does it obviously work for Linux as well if its solely Java based?
 
rollcast said:
Does it obviously work for Linux as well if its solely Java based?
roll,

Just a guess on my part, but I think if Java from the same vendor is used regardless of platform, it could be an issue.

Rhody... botnets searching...
 
  • #10
Here are instructions to see if you have it, and then how to remove it.

Also, download and install the most recent Java update from Apple and you should be set.
Manual Removal Instructions

1. Run the following command in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:

“The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”

4. Otherwise, run the following command in Terminal:

grep -a -o ‘__ldpath__[ -~]*’ %path_obtained_in_step2%

5. Take note of the value after “__ldpath__”
6. Run the following commands in Terminal (first make sure there is only one entry, from step 2):

sudo defaults delete /Applications/Safari.app/Contents/Info LSEnvironment

sudo chmod 644 /Applications/Safari.app/Contents/Info.plist

7. Delete the files obtained in steps 2 and 5
8. Run the following command in Terminal:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:

“The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”

10. Otherwise, run the following command in Terminal:

grep -a -o ‘__ldpath__[ -~]*’ %path_obtained_in_step9%

11. Take note of the value after “__ldpath__”
12. Run the following commands in Terminal:

defaults delete ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

launchctl unsetenv DYLD_INSERT_LIBRARIES

13. Finally, delete the files obtained in steps 9 and 11.

Rhody...
 
  • #11
Better solution: uninstall Java.
 
  • #12
jhae2.718 said:
Better solution: uninstall Java.

Haha, yes, here is a link to the patch BTW.
Apple released the patch a day after reports spread about a Java-based Trojan horse that could install itself on your Mac without requiring that you enter a password. Apple released Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, and if you haven't yet installed it, you should.

Flashback is a Mac Trojan horse that's been in the public eye since it was uncovered by security firm Intego last year. The recent update saw it gain the ability to infect your computer from little more than a visit to a website.

Originally, Flashback masqueraded as an installer for Adobe's Flash Player - hence the name - but the malware has changed tacks at last once since then, instead pretending to be a Mac software update or a Java updater.
A personal note, I never ever ever install any updates unsolicited for Adobe Flash Player, that is the kiss of death IMHO.

Rhody...
 
  • #13
Wow! Thanks rhody for the news!
 
  • #14
Adobe has taken over from Microsoft as the company whose software is most exploited.
 
  • #15
jhae2.718 said:
Adobe has taken over from Microsoft as the company whose software is most exploited.

Haha... :smile:

Rhody...
 
  • #16
I can't make this up, really, I can't for those who installed the first patch, or used a manual method to update, Apple recommends a second patch by applied to be found here.
The update, dubbed Java for OS X 2012-002, does not appear to add anything substantial to the first update, according to security firm Intego, which spotted the new patch.

"It is possible that Apple discovered a minor glitch in the first update, necessitating a new release," Intego said in a blog post.

The second update, however, appears to only apply to OS X Lion, whereas the first one worked with Snow Leopard and Lion, Intego said.

"In any case, it is essential that all Mac users apply this update," the firm concluded. "The Flashback malware has been very active in the wild, and can install with no user interaction, if Java is not patched."

Rhody...