×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

AT&T Sponsors Zero-Day Hacking Contest For Kids

timothy posted about 2 years ago | from the also-let's-talk-in-a-few-years dept.

Security 43

yahoi writes "AT&T has teamed up with an 11-year-old hacker and DefCon Kids to host a hacking contest during the second annual conference that runs in conjunction with the adult Def Con hacker show later this month in Las Vegas. The kid who finds the most zero-day bugs in mobile apps wins $1,000 and an IPad, courtesy of DefCon Kids. The contest was inspired by the mini-hacker's discovery last year of a whole new class of mobile app vulnerabilities."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

43 comments

$1,000 and an iPad? For one kid? Cheap bastards. (4, Interesting)

reubenavery (1047008) | about 2 years ago | (#40673627)

Maybe its just the cynic in me, but this seems like a real rip off. How many bugs will be discovered in total? And how much would it cost to have an actual Q/A department find those bugs?

Child labor in sheep's clothing?

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

Kaptain Kruton (854928) | about 2 years ago | (#40673811)

That was my first thought too. However, you must remember they are looking for flaws in mobile apps... not necessarily mobile apps written by AT&T. In the article, it gave an example of a young girl that is working with AT&T finding a specific flaw that existed in several games.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | about 2 years ago | (#40674471)

I know, I just wanted to vent since I saw At&t ;)

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

Inda (580031) | about 2 years ago | (#40673911)

What would you give the mini-hacker?

A car? A house? A pony?

Kudos and a medal is enough. Being able to brag to classmates is enough. An iThing is more than enough (I'd prefer the kudos myself).

Re:$1,000 and an iPad? For one kid? Cheap bastards (2, Funny)

Anonymous Coward | about 2 years ago | (#40674081)

What would you give the mini-hacker?

A car? A house? A pony?

Clearly you give them "1337" merit badges. All the other kids get "p0wned" written in Sharpie on their foreheads.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | about 2 years ago | (#40673913)

It would be nice if AT&T could fix their shitty service. They are shit and I'm sick of them throttling back the service as well if I'm lucky enough to even get a connection lately.

Re:$1,000 and an iPad? For one kid? Cheap bastards (1)

Ghubi (1102775) | about 2 years ago | (#40674403)

That's pretty much what I think about the whole crowd-sourcing X prize phenomenon. This is what happens when a society institutes greed as a moral virtue.

Re:$1,000 and an iPad? For one kid? Cheap bastards (2)

dkleinsc (563838) | about 2 years ago | (#40674931)

Also, what they may be going for is a situation in which they can truthfully advertise "We sponsored a contest for lots of hackers to find bugs, and they couldn't find anything." (while carefully omitting the fact that the hackers in question were all 11-year-olds)

There's another flaw too, which is this: "Hey kids, want to make way more than that lame iPad? If your hack is really clever, sell it to our totally legitimate Russian company for $15,000." (Actually, that's a problem with all white hat hacking, but kids are generally easier to entice because they haven't developed such flaws as a sense of morality.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | about 2 years ago | (#40677061)

Maybe its just the cynic in me, but this seems like a real rip off. How many bugs will be discovered in total?

Most likely zero. Maybe the winner actually finds one.

These are kids, dude. It's a PR thing to encourage kids to go into software careers, they're not actually going to be useful compared to someone who has training and experience.

Re:$1,000 and an iPad? For one kid? Cheap bastards (1)

Darinbob (1142669) | about 2 years ago | (#40677447)

Hey, they're taking kids to Vegas. With all the booze and blackjack and strippers they won't even care about the ipads.

Re:$1,000 and an iPad? For one kid? Cheap bastards (0)

Anonymous Coward | about 2 years ago | (#40678561)

How many bugs? Almost zero, because kids are brainless little bastards.

Thank goodness! (5, Insightful)

FreedomOfThought (2544248) | about 2 years ago | (#40673643)

Glad to see they are encouraging white hat hacking. I hope they remain effective. Thousand dollars seems a little low. Surely they can do better, and put it towards their future education needs.

Re:Thank goodness! (4, Insightful)

Loughla (2531696) | about 2 years ago | (#40673809)

Exactly - you catch the little fellas and ladies while they're young, that way they don't turn into black-hats later. This is called investing in the future, and there needs to be shitloads more of it. I don't care if they don't catch anything major, just investing in them and showing that older folks value their insight goes a long way, ask any teacher.

Re:Thank goodness! (1)

k(wi)r(kipedia) (2648849) | about 2 years ago | (#40674935)

$1000 isn't low for what's probably a bug too minor to win, say, a Chrome or Firefox bounty. Besides, the goal is to get kids into thinking about security, not to give them jobs as penetration testers or elite hax0rs.

Re:Thank goodness! (1)

FreedomOfThought (2544248) | about 2 years ago | (#40675393)

Shouldn't there still be some sort of program to further their knowledge if they should deem necessary? If a child wins the contest, and shows potential, then why give them a $1000 and end it there? You are right about possibly not winning a Chrome/Firefox bounty, but lets get them there.

Re:Thank goodness! (1)

k(wi)r(kipedia) (2648849) | about 2 years ago | (#40680319)

My worry is that the young participants would see this as the sort of bribe parents give their kids to make them do their homework. "Hey, Junior, if you study your math, I'll take you to the theme park on Sunday."

Somebody's completely clueless (1)

sgt_doom (655561) | about 2 years ago | (#40675961)

Huh????? AT&T is the principal force behind the end of network neutrality, although there are many who would argue they've already ended it.
Why in the bloody H don't you realize this? Obey the master corporation, huh? Say, dood, any idea who actually owns AT&T???

Re:Somebody's completely clueless (1)

FreedomOfThought (2544248) | about 2 years ago | (#40729607)

I'm sorry; I fail to see the point you are trying to make. By your logic, I should ignore any good things that anyone ever does because of a differing perspective on how things should be. Of course, I may have interpreted your statements incorrectly as they seem off topic and rather aimless and confused. I'm sure I have some tin-foil around here somewhere that I could make a hat out of and send to you. Consider it a gift from the "dood" who blindly "obey[s] the master corporation[s]".

That $1000 will not cover the full 2 year data pla (5, Insightful)

Anonymous Coward | about 2 years ago | (#40673743)

That $1000 will not cover the full 2 year data plan cost that comes with that Ipad.

Re:That $1000 will not cover the full 2 year data (0)

Anonymous Coward | about 2 years ago | (#40674041)

troll. ipad doesn't require a contract, and doesn't even require you to activate it at purchase. go away, you wasted attempt at snark.

Re:That $1000 will not cover the full 2 year data (1)

nazsco (695026) | about 2 years ago | (#40674715)

Not to mention it's the least hacker friendly device ever.

Always laugh my ass off when i see macs at hacker conferences and they turn out to not be hype journalists.

Re:That $1000 will not cover the full 2 year data (1)

hackula (2596247) | about 2 years ago | (#40675365)

What's wrong with a hacker using a mac? If it's good enough for Otacon, it's good enough for any hacker.

Re:That $1000 will not cover the full 2 year data (1)

BryanL (93656) | about 2 years ago | (#40675225)

Maybe I missed something, but where does it say this is a 3G iPad? Even if it is, getting a wireless plan over 2 years at $30 a month for the 3GB plan only comes out to $720. I hate to see troll comments get modded +5 informative based on hate.

from hackers (-1)

Anonymous Coward | about 2 years ago | (#40673759)

oh i have to do this daily do i , getting tired of it ....corporates the message is....

FUCK OFF
nothing like supporting one of the most evil spying bastard entities of the usa....

Don't forget to wish Owebama a Happy Ramadan! (-1)

Anonymous Coward | about 2 years ago | (#40673877)

Alahu ackbar! *stones rape victim for being slutty*

Get them when there young (0)

Anonymous Coward | about 2 years ago | (#40673969)

You know what they say. Get them when they are young. Maybe they can take the meaning of hacking back to it's original meaning.

Re:Get them when there young (1)

Ghubi (1102775) | about 2 years ago | (#40674097)

I think finding zero day bugs fits better with the current meaning of hacking than with it's original meaning.

How about about not using the term "hacking"? (1)

GodfatherofSoul (174979) | about 2 years ago | (#40674261)

To me it implies either some sort of intrusion attempt or code-and-go design. Seems like the definition war has been lost on that front. Either way, these kids are testers, not hackers.

Coming to the industry relatively late in life, I've seen a youth fascination with the deconstructor rather than the constructor side of the industry that probably isn't doing any of us any good.

Not a career, a contest! (0)

Anonymous Coward | about 2 years ago | (#40674563)

And they wonder why kids aren't considering a career in information security! Because all I see in the news are these contests where professional-level work might win someone a pittance. No one wants to pay for information security. Why would they, when they can sponsor a contest and get people to do it for next to nothing? Where did this stuff come from, anyway?

Condescending bullshit for kids. (4, Informative)

GNUALMAFUERTE (697061) | about 2 years ago | (#40674577)

They say "She found a whole new kind of exploit", and that she's found many zero-day exploits in mobile apps.

Ok. So I keep reading. Here's all of it: She changes the date on her phone so the trial lasts longer. That's it.

We've been doing that for decades. I did when I was 10 too, in DOS, and so did most of you. An entire generation changed their machine's date so we could use expired trials. We did this back in the 80's, and none of us got press as 1337 hax0rz for it.

This is the equivalent of every kid is a winner, for technology. Everyone is a computer genius at this conference, even if they can't code and all they do is play with their phone all day long and try to beat trials using a technique that's 30 years old,and that's not technical at all.

Re:Condescending bullshit for kids. (1)

kelemvor4 (1980226) | about 2 years ago | (#40674649)

The truth is, we're all winners. Because out of all those sperm, we're the ones who made it!

Re:Condescending bullshit for kids. (1)

Anonymous Coward | about 2 years ago | (#40674745)

The truth is, we're all winners. Because out of all those sperm, we're the ones who made it!

Worst Prize Ever

Re:Condescending bullshit for kids. (0)

Anonymous Coward | about 2 years ago | (#40674679)

Oh man, on real arcade I used to extract the binary launcher from the timer launcher and replace the timer launcher with the binary launcher so that I'd have unlimited play time. (It's simpler than it sounds exe1 when opened creates exe2 replace exe1 with the created exe2 before exe1 deletes exe2). Good times were had when I was thirteen (about 9 years ago)

Re:Condescending bullshit for kids. (0)

Anonymous Coward | about 2 years ago | (#40675213)

They don't say what OS she is using, since they are giving away iPads I wonder if it's Apple. If it is shouldn't she removed from being allowed to use Apple products for a year? She is showing a security hole that allows people to jump though timed areas of games that people can pay good money to get a full grown crop right now! Think if someone uses a mobile time clock for payroll this can really mess up things!
 
Oh by the way - GET OFF MY LAWN!

Re:Condescending bullshit for kids. (1)

dutchwhizzman (817898) | about 2 years ago | (#40676025)

Maybe it's not new for us, but it's new for the platform and developers that get tricked by such a simple hack should be ashamed of themselves. I think that's enough merit for an 11 year old to be getting some sort of reward for their discovery. Taking this initiative and actively hosting a contest this year so kids get an idea about IT security, not to mention all the grown ups that get to hear about it too, is way more valuable than "we did that years ago on the platforms we used as kids".

Re:Condescending bullshit for kids. (1)

GNUALMAFUERTE (697061) | about 2 years ago | (#40681261)

Your post doesn't make any sens. "we did that years ago on the platforms we used as kids" is exactly the point here.

It's like making reports and giving rewards to kids that manage to cross the street in order to get grown ups to hear about road safety. There are better ways, and since any kid can do it, and kids have been doing so for ages, it's not something to be rewarded or praised.

Something seems off here... (2)

kelemvor4 (1980226) | about 2 years ago | (#40674623)

AT&T is sponsoring a hacking contest? They're also giving away an ipad? Apple is going to be furious!

do they ant us to hack the ipods? (0)

Anonymous Coward | about 2 years ago | (#40675901)

done....

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...