Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

AT&T Sponsors Zero-Day Hacking Contest For Kids

timothy posted more than 2 years ago | from the also-let's-talk-in-a-few-years dept.

Security 43

yahoi writes "AT&T has teamed up with an 11-year-old hacker and DefCon Kids to host a hacking contest during the second annual conference that runs in conjunction with the adult Def Con hacker show later this month in Las Vegas. The kid who finds the most zero-day bugs in mobile apps wins $1,000 and an IPad, courtesy of DefCon Kids. The contest was inspired by the mini-hacker's discovery last year of a whole new class of mobile app vulnerabilities."

cancel ×

43 comments

Sorry! There are no comments related to the filter you selected.

$1,000 and an iPad? For one kid? Cheap bastards. (4, Interesting)

reubenavery (1047008) | more than 2 years ago | (#40673627)

Maybe its just the cynic in me, but this seems like a real rip off. How many bugs will be discovered in total? And how much would it cost to have an actual Q/A department find those bugs?

Child labor in sheep's clothing?

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

Kaptain Kruton (854928) | more than 2 years ago | (#40673811)

That was my first thought too. However, you must remember they are looking for flaws in mobile apps... not necessarily mobile apps written by AT&T. In the article, it gave an example of a young girl that is working with AT&T finding a specific flaw that existed in several games.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | more than 2 years ago | (#40674471)

I know, I just wanted to vent since I saw At&t ;)

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

Inda (580031) | more than 2 years ago | (#40673911)

What would you give the mini-hacker?

A car? A house? A pony?

Kudos and a medal is enough. Being able to brag to classmates is enough. An iThing is more than enough (I'd prefer the kudos myself).

Re:$1,000 and an iPad? For one kid? Cheap bastards (2, Funny)

Anonymous Coward | more than 2 years ago | (#40674081)

What would you give the mini-hacker?

A car? A house? A pony?

Clearly you give them "1337" merit badges. All the other kids get "p0wned" written in Sharpie on their foreheads.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | more than 2 years ago | (#40673913)

It would be nice if AT&T could fix their shitty service. They are shit and I'm sick of them throttling back the service as well if I'm lucky enough to even get a connection lately.

Re:$1,000 and an iPad? For one kid? Cheap bastards (1)

Ghubi (1102775) | more than 2 years ago | (#40674403)

That's pretty much what I think about the whole crowd-sourcing X prize phenomenon. This is what happens when a society institutes greed as a moral virtue.

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

dkleinsc (563838) | more than 2 years ago | (#40674931)

Also, what they may be going for is a situation in which they can truthfully advertise "We sponsored a contest for lots of hackers to find bugs, and they couldn't find anything." (while carefully omitting the fact that the hackers in question were all 11-year-olds)

There's another flaw too, which is this: "Hey kids, want to make way more than that lame iPad? If your hack is really clever, sell it to our totally legitimate Russian company for $15,000." (Actually, that's a problem with all white hat hacking, but kids are generally easier to entice because they haven't developed such flaws as a sense of morality.

Q/A? (1)

antdude (79039) | more than 2 years ago | (#40676733)

Why is there a slash for "quality assurance"? :P

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | more than 2 years ago | (#40677061)

Maybe its just the cynic in me, but this seems like a real rip off. How many bugs will be discovered in total?

Most likely zero. Maybe the winner actually finds one.

These are kids, dude. It's a PR thing to encourage kids to go into software careers, they're not actually going to be useful compared to someone who has training and experience.

Re:$1,000 and an iPad? For one kid? Cheap bastards (1)

Darinbob (1142669) | more than 2 years ago | (#40677447)

Hey, they're taking kids to Vegas. With all the booze and blackjack and strippers they won't even care about the ipads.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | more than 2 years ago | (#40678561)

How many bugs? Almost zero, because kids are brainless little bastards.

Thank goodness! (5, Insightful)

FreedomOfThought (2544248) | more than 2 years ago | (#40673643)

Glad to see they are encouraging white hat hacking. I hope they remain effective. Thousand dollars seems a little low. Surely they can do better, and put it towards their future education needs.

Re:Thank goodness! (4, Insightful)

Loughla (2531696) | more than 2 years ago | (#40673809)

Exactly - you catch the little fellas and ladies while they're young, that way they don't turn into black-hats later. This is called investing in the future, and there needs to be shitloads more of it. I don't care if they don't catch anything major, just investing in them and showing that older folks value their insight goes a long way, ask any teacher.

Re:Thank goodness! (1)

k(wi)r(kipedia) (2648849) | more than 2 years ago | (#40674935)

$1000 isn't low for what's probably a bug too minor to win, say, a Chrome or Firefox bounty. Besides, the goal is to get kids into thinking about security, not to give them jobs as penetration testers or elite hax0rs.

Re:Thank goodness! (1)

FreedomOfThought (2544248) | more than 2 years ago | (#40675393)

Shouldn't there still be some sort of program to further their knowledge if they should deem necessary? If a child wins the contest, and shows potential, then why give them a $1000 and end it there? You are right about possibly not winning a Chrome/Firefox bounty, but lets get them there.

Re:Thank goodness! (1)

k(wi)r(kipedia) (2648849) | more than 2 years ago | (#40680319)

My worry is that the young participants would see this as the sort of bribe parents give their kids to make them do their homework. "Hey, Junior, if you study your math, I'll take you to the theme park on Sunday."

Somebody's completely clueless (1)

sgt_doom (655561) | more than 2 years ago | (#40675961)

Huh????? AT&T is the principal force behind the end of network neutrality, although there are many who would argue they've already ended it.
Why in the bloody H don't you realize this? Obey the master corporation, huh? Say, dood, any idea who actually owns AT&T???

Re:Somebody's completely clueless (1)

FreedomOfThought (2544248) | more than 2 years ago | (#40729607)

I'm sorry; I fail to see the point you are trying to make. By your logic, I should ignore any good things that anyone ever does because of a differing perspective on how things should be. Of course, I may have interpreted your statements incorrectly as they seem off topic and rather aimless and confused. I'm sure I have some tin-foil around here somewhere that I could make a hat out of and send to you. Consider it a gift from the "dood" who blindly "obey[s] the master corporation[s]".

Re:Somebody's completely clueless (1)

FreedomOfThought (2544248) | more than 2 years ago | (#40729613)

Or have I been trolled by a pro?

That $1000 will not cover the full 2 year data pla (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40673743)

That $1000 will not cover the full 2 year data plan cost that comes with that Ipad.

Re:That $1000 will not cover the full 2 year data (1)

Envy Life (993972) | more than 2 years ago | (#40673991)

Haha... nice catch!

Re:That $1000 will not cover the full 2 year data (0)

Anonymous Coward | more than 2 years ago | (#40674041)

troll. ipad doesn't require a contract, and doesn't even require you to activate it at purchase. go away, you wasted attempt at snark.

Re:That $1000 will not cover the full 2 year data (1)

nazsco (695026) | more than 2 years ago | (#40674715)

Not to mention it's the least hacker friendly device ever.

Always laugh my ass off when i see macs at hacker conferences and they turn out to not be hype journalists.

Re:That $1000 will not cover the full 2 year data (1)

hackula (2596247) | more than 2 years ago | (#40675365)

What's wrong with a hacker using a mac? If it's good enough for Otacon, it's good enough for any hacker.

Re:That $1000 will not cover the full 2 year data (1)

BryanL (93656) | more than 2 years ago | (#40675225)

Maybe I missed something, but where does it say this is a 3G iPad? Even if it is, getting a wireless plan over 2 years at $30 a month for the 3GB plan only comes out to $720. I hate to see troll comments get modded +5 informative based on hate.

from hackers (-1)

Anonymous Coward | more than 2 years ago | (#40673759)

oh i have to do this daily do i , getting tired of it ....corporates the message is....

FUCK OFF
nothing like supporting one of the most evil spying bastard entities of the usa....

Defcon, I am disappoint (1)

sl4shd0rk (755837) | more than 2 years ago | (#40673781)

Android seems like a much more logical choice for hacker-friendly computing.

Don't forget to wish Owebama a Happy Ramadan! (-1)

Anonymous Coward | more than 2 years ago | (#40673877)

Alahu ackbar! *stones rape victim for being slutty*

Get them when there young (0)

Anonymous Coward | more than 2 years ago | (#40673969)

You know what they say. Get them when they are young. Maybe they can take the meaning of hacking back to it's original meaning.

Re:Get them when there young (1)

Ghubi (1102775) | more than 2 years ago | (#40674097)

I think finding zero day bugs fits better with the current meaning of hacking than with it's original meaning.

one week later: (1)

Gravis Zero (934156) | more than 2 years ago | (#40674113)

AT&T Hacked By 11-Year-Old. Demands 20 Year Sentence

be careful what you ask for, you just might get it.

How about about not using the term "hacking"? (1)

GodfatherofSoul (174979) | more than 2 years ago | (#40674261)

To me it implies either some sort of intrusion attempt or code-and-go design. Seems like the definition war has been lost on that front. Either way, these kids are testers, not hackers.

Coming to the industry relatively late in life, I've seen a youth fascination with the deconstructor rather than the constructor side of the industry that probably isn't doing any of us any good.

Not a career, a contest! (0)

Anonymous Coward | more than 2 years ago | (#40674563)

And they wonder why kids aren't considering a career in information security! Because all I see in the news are these contests where professional-level work might win someone a pittance. No one wants to pay for information security. Why would they, when they can sponsor a contest and get people to do it for next to nothing? Where did this stuff come from, anyway?

Condescending bullshit for kids. (4, Informative)

GNUALMAFUERTE (697061) | more than 2 years ago | (#40674577)

They say "She found a whole new kind of exploit", and that she's found many zero-day exploits in mobile apps.

Ok. So I keep reading. Here's all of it: She changes the date on her phone so the trial lasts longer. That's it.

We've been doing that for decades. I did when I was 10 too, in DOS, and so did most of you. An entire generation changed their machine's date so we could use expired trials. We did this back in the 80's, and none of us got press as 1337 hax0rz for it.

This is the equivalent of every kid is a winner, for technology. Everyone is a computer genius at this conference, even if they can't code and all they do is play with their phone all day long and try to beat trials using a technique that's 30 years old,and that's not technical at all.

Re:Condescending bullshit for kids. (1)

kelemvor4 (1980226) | more than 2 years ago | (#40674649)

The truth is, we're all winners. Because out of all those sperm, we're the ones who made it!

Re:Condescending bullshit for kids. (1)

Anonymous Coward | more than 2 years ago | (#40674745)

The truth is, we're all winners. Because out of all those sperm, we're the ones who made it!

Worst Prize Ever

Re:Condescending bullshit for kids. (0)

Anonymous Coward | more than 2 years ago | (#40674679)

Oh man, on real arcade I used to extract the binary launcher from the timer launcher and replace the timer launcher with the binary launcher so that I'd have unlimited play time. (It's simpler than it sounds exe1 when opened creates exe2 replace exe1 with the created exe2 before exe1 deletes exe2). Good times were had when I was thirteen (about 9 years ago)

Re:Condescending bullshit for kids. (0)

Anonymous Coward | more than 2 years ago | (#40675213)

They don't say what OS she is using, since they are giving away iPads I wonder if it's Apple. If it is shouldn't she removed from being allowed to use Apple products for a year? She is showing a security hole that allows people to jump though timed areas of games that people can pay good money to get a full grown crop right now! Think if someone uses a mobile time clock for payroll this can really mess up things!
 
Oh by the way - GET OFF MY LAWN!

Re:Condescending bullshit for kids. (1)

dutchwhizzman (817898) | more than 2 years ago | (#40676025)

Maybe it's not new for us, but it's new for the platform and developers that get tricked by such a simple hack should be ashamed of themselves. I think that's enough merit for an 11 year old to be getting some sort of reward for their discovery. Taking this initiative and actively hosting a contest this year so kids get an idea about IT security, not to mention all the grown ups that get to hear about it too, is way more valuable than "we did that years ago on the platforms we used as kids".

Re:Condescending bullshit for kids. (1)

GNUALMAFUERTE (697061) | more than 2 years ago | (#40681261)

Your post doesn't make any sens. "we did that years ago on the platforms we used as kids" is exactly the point here.

It's like making reports and giving rewards to kids that manage to cross the street in order to get grown ups to hear about road safety. There are better ways, and since any kid can do it, and kids have been doing so for ages, it's not something to be rewarded or praised.

Something seems off here... (2)

kelemvor4 (1980226) | more than 2 years ago | (#40674623)

AT&T is sponsoring a hacking contest? They're also giving away an ipad? Apple is going to be furious!

do they ant us to hack the ipods? (0)

Anonymous Coward | more than 2 years ago | (#40675901)

done....

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>