At This Camp, Kids Learn To Question Authority (And Hack It)
NPR, August 17, 2012
DefCon Kids grew out of the hack conference DefCon, the largest, most important gathering of computer hackers on the planet. Thousands flock to the conference to compete in computerized challenges and puzzles.
The talks — on everything from airline security to how to hack nuclear facilities — can strike fear into the hearts of the uninitiated.
But organizers say their intent is to make the world safer and more transparent by testing the technologies we depend on.
And now they are trying to teach kids to do the same thing.
Computer hacking for 8-year-olds
CNN, July 31st, 2012
At the annual Def Con hacking conference here Friday, Gen. Keith Alexander, director of the National Security Agency and head of the U.S. Cyber Command, brought CyFi on stage during his keynote address and called her “the most important person for our future.”
CyFi is 11 years old.
For the second year in a row, Def Con organizers included a full schedule of Def Con Kids programs for beginner hackers ages 8 to 18. The children and teens, who must be accompanied by a parent, learned how to pick locks, competed to find the most bugs in mobile apps and learned about digital forensics by investigating a mock crime scene in a hotel room. Some skilled young hackers also taught classes and gave talks.
Gold Medal For Hacking? CyFi Should Win It
Huffington Post, July 28th, 2012
Last year at DEFCON 19, a 10-year-old girl hacker known only as CyFi, announced her discovery of a security flaw in iPhone and Android games. That year, CyFi co-founded DEFCON Kids as a companion event to DEFCON, with contests and sessions so kids could safely participate in all the hacking fun. This year at DEFCON 20, the contributions of CyFi and her adult hacker pals were officially recognized by NSA Director General Keith Alexander. While CyFi didn’t win a gold medal, it was great to see that the people responsible for keeping our homeland safe from cybercrime recognize the contribution of ethical hacking.
NSA director finally greets Defcon hackers
CNET, July 27th, 2012
The U.S. needs to do more to train and educate people in cybersecurity to increase the numbers of hackers who can work on the problems, he said, praising Defcon Kids for doing just that. He congratulated a preteen hacker, CyFi, for winning the Defcon Kids Zero-Day contest by finding a vulnerability that was previously unknown.
“Sometimes you guys get a bad rap,” Alexander said. “From my perspective, what you’re doing to figure out vulnerabilities in systems” is great.
AT&T To Sponsor Zero-Day Contest For Kids
Dark Reading, July 6th 2012
”[DEFCON Kids] teaches them to hack for good and not for evil. It keeps the good name of the hacking world alive,” says FS, a 17-year-old hacker who will speak at DefCon Kids again this year. FS, a high school student who gets hired for white-hat hacking gigs on the side, says DefCon Kids keeps kids out of trouble by showing them how white-hat hacking is “cool.”
It takes the coolest people in Def Con who teach them and show them how doing hacking in a good way is still cool and you can still be a bad-ass,” says FS, who will do a presentation to the kids about Def Con’s famous Wall of Sheep, where users who dare to jump unprotected onto the conference’s WiFi network get publicly outed.
U.S. spy agency chief to meet with hackers at “Defcon”
CNBC, July 20th, 2012
Moss said he invited federal agents to the first Defcon conference, but that they politely declined. They showed up anyway, incognito. They kept coming, in bigger numbers, sometimes in uniform.
”We created an environment where the feds felt they could come and it wasn’t hostile,” Moss said. “We could ask them questions and they wanted to ask the hackers about new techniques.”
He said he’s spent a decade trying to get the head of the NSA to speak at Defcon, but he never imaged it would actually happen: “To me this is really validating of the whole culture.”
US spy chief to go to hacking party
China Daily, July 23rd, 2012
Computer geeks attending the world’s largest annual hacking party in Las Vegas this week willhave a rare chance to rub shoulders with the head of the US National Security Agency.
General Keith Alexander, director of the spy agency that has a focus on cyber security, will speak at the Defcon conference. He is the most senior US government official to ever visit the gathering.
Kids and Hackers, Oh My! DefCon Adds Kids Track
BusinessWeek, August 9, 2011
“The emergence of the DefCon kids’ conference comes as hackers are making headlines around the world. Though the general public often associates hacking with criminality, the engineering culture of the technology mainstream has always embraced people who explore the boundaries of what can be done with computers and other gadgets. Steve Jobs and Stephen Wozniak, the co-founders of Apple Inc., have said they considered themselves “hackers” when they created the first Apple computers in the mid-1970s.”
DefCon Kids Guides Young Hackers to do Good
USA Today, August 8, 2011
“Federal agents spoke to participants of DefCon Kids — to persuade them that it’s cool to be a good guy hacker, who helps fight crime. The kids also got to participate in hacking exercises and contests. At minimum, each came away with higher awareness of safety on the Internet and is now better equipped to be a positive role model for peers.”
‘DefCon’ Hacker Convention Adds Kids Track for First Time
Time Magazine, August 8, 2011
“This year’s DefCon featured what some hardcore attendees might consider to be a startling sight: children. For the first time, DefCon included discussions and tutorials for budding hackers, ages 8 to 16. ”
Children Learn Hacker Ways at DefCon
AFP, August 7, 2011
“Chris Hadnagy and other DefCon Kids tutors were adamant that in a world where children are surrounded by technology it is smart to provide guidance and a place where they can safely, and legally, test hacker skills.”
Children Learn to Be Hackers at DefCon Kids Event
Rolling Stone, August 2, 2011
“Happily, there’s still hope for ensuring your child grows up to be a good little “white hat” angel (as opposed to “black hat” roustabout) yet. ‘Please note that parents must be with their children during any classroom or workroom sessions that they attend,’ explains the organizers’ official website. In other words, even if you can’t teach them right from wrong, at least you’ll know all the same dirty little tricks.”
Forget Spy Kids, Try Kiddie Hacker Conference
Reuters, June 23, 2011
“One goal of Defcon Kids is to convince children from age 8 to 16 that it is cool to be a “white hat,” or benevolent hacker who uses computer skills to fight crime.
“Black hats,” in contrast, work on the dark side of the Internet, using their skills to steal money, identities and other perform nefarious deeds.”
DefCon Child Wizard Exposes Security Flaws in Smartphone, Tablet Games
International Business Times, August 9, 2011
“A 10-year-old girl found that the gaming prowess of many a smartphone can be undermined by some serious security holes.
The girl, who goes by the handle of “CyFi,” found that games on smartphones or tablets running on Apple or Android mobile software can be hacked into by tinkering with its clock settings.
Smartphone games can usually detect and block such cheating, but the girl, who displayed her hacking wizardry at the annual DefCon Hackers Conference in Las Vegas, has found a way to work around such security measures.”
Tween Hacker’s Time-Travel Trick
Dark Reading, August 10, 2011
“Now, CyFi may or may not yet fully appreciate this, but she was the recipient of some serious kudos from famed security researcher Dan Kaminsky.
“It’s legitimately cool work. We’ve known for years that games suffer security risks, for reasons of time, budget, and, to be honest, lack of consequence. Attacks against system clocks are also occasionally effective, though usually by slowing the clock down to keep a cryptographic token alive, or resetting time entirely to allow a token to be revived.
“Time acceleration is extremely rare — I know of only one other use, and that’s to locate ‘phone homes’ where an application or operating system sends traffic to a manufacturer, months, or years after installation.
“Seeing the ‘phone home’ trick used successfully against mobile games — en masse — is impressive, particularly since it apparently works against some online games. That’s amazing: CyFi is basically then exploiting server trust of a client variable, which has a full user experience for alteration,” Kaminsky said.
CyFi isn’t old enough to be on LinkedIn yet, but man, would that be a great endorsement.”
10-year-old hacker finds zero-day flaw in game
CNET, August 7, 2011
A 10-year-old hacker who goes by the pseudonym CyFi revealed today at DefCon 19 a zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of vulnerability. The girl from California first discovered the flaw around January 2011 because she “started to get bored” with the pace of farm-style games.