Cyber Ethics contest will join Hacker Jeopardy

[Kelley Walker <kwalker2 () gte net>]

shameless self-promotion:

< http://www.securityfocus.com/news/211 >

Cyber Ethics contest will join Hacker Jeopardy and Spot the Fed at DefCon.
By Kevin Poulsen
May 31, 2001 4:59 PM PT

Summer is approaching, and with it the annual Bacchus of silicon and beer 
known as the DefCon hacker convention. But this year, for the first time, a 
kinder, gentler DefCon will reward righteous and upstanding behavior as 
much as computer intrusion skill, with a contest that challenges attendees' 
sense of "cyber ethics".

Call it a sign of the times. Last year, the increasingly mainstream 
convention drew over four thousand people: hackers, security professionals, 
law enforcement and intelligence agents, along with scores of reporters 
from around the world. Now in its ninth year, the 2001 conference will take 
place July 13th through 15th in Las Vegas, and the convention hotel is 
already fully booked.

In addition to detailed technical presentations, tee-shirt sales and 
all-night partying, DefCon is renown for its games, like the "Social 
Engineering Competition", in which hackers show off their talent at conning 
people into divulging confidential information over the phone; the 
hard-core "Capture the Flag" game, where they compete to crack each others' 
machines; and the perennial favorite, "Spot the Fed."

Into this mix comes "CyberEthical Surfivor" (Surf-ivor, a pun). The 
brainchild of veteran infowar proselytizer Winn Schwartau, the competition 
is inspired by his new book "Internet & Computer Ethics for Kids," a 
comically illustrated child-friendly tome that Schwartau says he wrote 
after catching his youngest son hacking into a neighbor's computer.

CyberEthical Surfivor will pit two teams of nine hackers head-to-head in a 
public struggle with weighty moral decisions. Example: You are 
seventeen-years-old, about to graduate to an Ivy League university when a 
vindictive teacher monkey-wrenches your academic dreams by wrongly flunking 
you on a final exam. The Principal won't listen to you. Should you crack 
the school's computer and give yourself the grade you deserve?

The rules of the contest are patterned after the CBS reality game show 
"Survivor," with a dash of NBC's flagging British-import "The Weakest 
Link." The audience will help judge the ethical quality of the teams' 
answers, with losing sides forced to vote off one of their own after each 
round. A panel of celebrity judges will settle disputes, with Schwartau 
himself filling the Jeff Probst / Anne Robinson role.

"Everyone I've talked to, from feds to academia to the hacking community 
says its going to be great," says Schwartau.

Unlike less warm-and-fuzzy DefCon competitions, losers will not be obliged 
to swill beer or remove articles of clothing. In the end, only one 
ethically-pure ultimate "Surfivor" will remain standing, winning $800 in 
"cyber ethics" material to donate to the school of his or her choice.

If the setting is odd, the contest's timing couldn't be better. Security 
experts and law enforcement officials are increasingly blaming lack of 
ethics training in school for a glut of computerized hack attacks performed 
by teens. Last year, the U.S. Department of Justice and the Information 
Technology Association of America (ITAA) even launched a "Cybercitizen 
Partnership" to help educators influence the behavior of America's youngest 
netizens, and a National Conference on CyberEthics met last October in 
Arlington, Virginia.

But will soul searching and ethical self-examination fly in the red-hot 
center of cyberpunk culture? "I'm trying to inject something new into 
DefCon, absolutely," says Schwartau. "But I'm not trying to teach ethics. 
We just want to expose the issues."

--
Kelley Walker
Organizational Researcher/Technical Writer
Interpact, Inc. Security Awareness

Interpact sponsors InfowarCon, 9/5-6, Washington, D.C.
http://www.interpactinc.com/infowarcon.html 


ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe () SecurityFocus com.