May 2017
Beginner
320 pages
6h 47m
English
Content preview from Hacking the Hacker
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
40Profile: Adam Shostack
One of my first encounters with Adam Shostack was at Microsoft when he was driving a new way of thinking around a type of problem. In this specific case, it was how to defeat the Conficker worm (https://en.wikipedia.org/wiki/Conficker). Conficker was a particularly nasty malware program that first appeared at the end of 2008. It had several ways of spreading (such as “vectors”), including guessing at weakly password‐protected file shares, a desktop.ini trick, patched software vulnerabilities, and via USB drives using Windows’s built‐in Autorun feature. Conficker was infecting millions of machines a year and was showing no signs of abating. Anti‐malware vendors were readily detecting it and Microsoft had put out several articles on how to stop it from spreading, but it was still prolific.
Shostack proposed using data analysis to look at the problem. He and Microsoft started looking at which attack vectors were allowing Conficker to spread the most. Our initial assumption had been that most of the people being infected had not applied a long‐available patch. And that was indeed one of the most popular vectors early on. But now, nearly two years later, Shostack found out that it was largely due to infected USB keys. Using his collected data, he proposed that Microsoft disable the Autorun feature, which was a huge decision. It meant changing the way Windows worked and was going to force all users, infected or not, to now do something extra to make executables ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.