Computer Security is Naughty

Computer Security is Naughty Computer Security is Naughty

Computer security is naughty, plain and simple. From the old-school CISSP grey-beards who coined (and perhaps took pleasure in) "salami attacks" to the new generation, with its Back Orifices and crafty root kits, security people appear to be sex-crazed. Maybe it's a result of a predominately male (ahem) profession, or maybe it's the inevitable expression of the cracker's sublimated and unexpressed sexual angst, accumulated throughout their pitiful and lonely horn-dog teen years. Whatever the reason, you gotta admit, there's something to this theory.

When you think about it, the security crowd really gets to have a lot more fun than, say, ANY other profession. Sexual innuendo can be found everywhere. One could describe an entire relationship, from dating to death, with words almost entirely contributed or used by the security community. So, to prove the point, lets tell a little story, using our impressive collection of naughty computer and security terms. The story of the life of Joe.

Imagine our intrepid cracker, setting out to the bar with his buddies one Friday night - intent to do a little phishing. Anyway, here's Joe, professional editor, heading out to the bar. First of all, he's probably somewhat internally conflicted about his sexuality, and may have already spent some time debating whether or not to pick up a paper and read the man pages and look for an end user instead. He may have even looked up the phone number of a prostitute, intending to make a remote procedure call. But eventually, at the urging of his 1337 buddies, he decides to go to the bar anyway. Of course, Joe is not only sex-crazed but inclined to partying as well, so there's no doubt he'll be hooking up with some drugs - maybe a little hash, a few LIDS of the green, or maybe a little something to Snort. Knowing that he's going into a social situation, and not wanting to get loopy, he probably won't add ACiD on top of the Snort, but you never know. To maintain the uptime he's hoping to get with some special lady, Joe might even go for some 0-day crack, if he could ever figure where to find it.

So, we're at the bar, and its time for a little vulnerability assessment of the joint, looking for those fine ladies that might be down for a little penetration testing of their own. Although the odds don't favor Joe, he's sure that there is some lady out there who has her interface in promiscuous mode, and he's going sniff around to figure out which of them it is. Almost instantly, Joe googles a fine looking bit of tail in the corner, drinking some WINE and with a top that provides significant exposure of her stack. "Mmmm..", Joe ponders, "I'd like to smash THAT for fun and profit." Joe saunters on over to talk to her. "Hey baby", Joe hams, "I don't mean to question your integrity, but I was wondering if we could talk about your availability.. Confidentially, of course." Not impressed, the Bit replies, "Ha, you and every other kiddie in the room. What makes you think you could pass my input validation? Byte me." Undaunted, Joe vollies back "Hey baby, I'm more than capable of taking care of your access point, and I can see you don't need a key for association, so what do you say we go back to my /home?" "Hmmm, OK.. You can call me SARA. I'm no SAINT myself, but are you sure you are virus free?" says Bit. "Oh yeah, my worm is entirely virus free, baby." And off they go.

On the way back to Joe's apartment, all he can think about is hardening her box. As he drives his sled, he notices SARA reaching down to finger his dongle. "Sweeeeeet." he thinks, "She really needs a hotfix, and I'm going to get some Clam tonight for sure." Fortunately, Joe had previously RTFM, and knew just what to do. As soon as they entered the apartment, it was a race condition to see who can get out of their clothes first. Tugging on his driver, they fall into the couch, and Joe immediately starts port scanning. First he finds her honey pot (smells like Squid), then her back door. "Ugh," thinks Joe "this thing is stickier than a LaBrea daemon.... I better move on before I find a tarball." and moves back up the fork, deciding to leave the logger alone for now. Remembering "her pleasure", Joe takes out and installs is root kit, complete with web ring, throws on a Trojan and gets to business fsck'ing. "Please Joe, I need some manual cookie manipulation, won't you be my proxy?" says SARA. "No problem, and not only that but I'll finger your low ports with my other hand as well." Says Joe. "Now THAT is what I call a 3-way handshake!!!" screams SARA, as Joe compresses her partition. Well, things go along pretty well until Joe starts thinking about a piggy-back exploit. As casually as he can, Joe tries a little privilege escalation maneuver on her back Orifice, only to be stopped by a firm port redirect by SARA. "No, Joe, I'm sorry but I must insist on mandatory access control." "Dammit," thinks Joe "I'll have to take that as a NOP and drop my payload right init." Like a TEMPEST of h4x0r love, Joe spews his emissions everywhere with a mighty HUP.

Later, with the end of his pipe looking like a Red Hat from the brute force work, Joe decides it would be nice if he talkd to SARA. "That was great! you are the best stub server I've ever had", says Joe, "but maybe next time your girlfriend and us could get together for a little man in the middle action? You know, go to swap." Naturally, Joe gets slapd. Unfortunately for Joe, what he didn't know is that during this little incident, he unknowningly performed a kernel injection, and spawned a child in the process. Of course the story ends well, as it must, and after a while Joe and SARA fall in love and live happily ever after. Forming a happy little cluster, they fork often, and produce many little children, all of whom vi for their love and attention. Once in a while, SARA even allows him to mount her. And so endeth the saga of Joe and SARA.

Uncle Chunky