
I would argue the magazines (such as 2600, which I absolutely loved when I was young) and books and oral tradition are all just ways of passing around specific and awesome anecdotes: it doesn't teach you how to do that, it is just interesting facts or entertainment for people who know.

What you need, instead, is a mindset: when you are at the supermarket checking out with one of those self-checkout machines, does some part of your brain start figuring out mistakes made in the mechanism that might allow someone to steal items?

If not, that is the kind of thought process that you need to get yourself to start doing: you need to keep asking yourself "if I were evil, could I do something evil here?", and you need to make it fun enough that you are doing it constantly.

With this mindset, finding exploits in software just becomes "teach me to program", as the kind of devious backchatter in your brain will just see things popping out "wait, what's to keep someone from cheating here and doing the opposite of what you say?".

The really epic hacks then just come from many years (the stereotypical 10,000 hours) of experience programming and trying things: it isn't because they read some magazine or learned from someone else. Instead, their mindset just got better.

Think of it this way: it makes a lot of sense to ask "how do I learn how to use a violin", but "how do I learn musical taste" and "how do I learn to hear music in everything that surrounds me" are more awkward. The former is a skill, the latter two are mindsets.



I had an opportunity once to sit down with Don Knuth and play Halo on the X-box. Don was doing really poorly and I said, "Don, what are you doing?" His answer was "Playing."

But for Don, playing wasn't kill the bad guys, get the best weapon upgrade, it was "What happens if I just sit here when this NPC wants me to follow him?", "Can I jump off this ledge in the back even though the game doesn't think I should?" He was playing not the game of Halo but the game of Halo Exploits! Once I realized what he was doing we started a variety of different tactics to see if we could break the game. We found several in a fairly short period of time. One where you could get 'behind' the geometry of the space ship you were on, run all the way to the other side where the big bad guy for the level was, and shoot him dead up through the floor without him being able to fight back. It was quite fun.

There is a story about a physics student given a word problem of finding the height of a building using a barometer. Since they couldn't remember the perfect gas law they instead drop the barometer from the roof and time how long it takes to smash into the ground below. Then compute the height that way. It is that kind of thinking that people use to find exploits. That, time, and sometimes browsing the source code.

Doing security code reviews is also good training.


> There is a story about a physics student given a word problem of finding the height of a building using a barometer.

If memory serves me right, Bohr was the student and Rutherford was the arbitrator?

Edit: Legend according to snopes (http://www.snopes.com/college/exam/barometer.asp)


"I had an opportunity once to sit down with Don Knuth and play Halo on the X-box." ... best thing I will read today.


Wow, that must have been awesome. Thanks for sharing!


I think finding holes can be a matter of developing a dry, ironic sense of humor.

A hole is more or less a bug that can be pushed a bit further. It has a lot of similarities to a joke. You thought your code "meant" X but really it "means" Y. SQL injection is a way of "saying" something that your "audience" wasn't quite expecting. It's a lot like the jokes that start "he put the frozen turkey in the back of his truck and drove off ... and then ... and then" with lots of unexpected results.

My totally non-expert opinion is that if you practice finding this stuff amusing, you'll see more and more of it.


Specifically with code, you have to learn how to see it in a more abstract way. Not just a sequence of instructions, but a function that operates on a space of inputs, some good, some bad. Almost like a quantum superposition of all possible inputs, and which outputs those generate.

There is a great interactive article on this by Bret Victor: http://worrydream.com/LadderOfAbstraction/



