Sojish and me have a secret deal – I write about him and the great things he does and he reciprocates. That is why you’ll see his site having a lot of references of his boss and my site having his references… Now sometimes this goes beyond just the two of us, as it happened today when thanks to Sojish I was made to talk in Rajagiri College of Social Sciences. They are conducting a two day seminar on Network Security, called NetSec 05. Frankly speaking I love speaking tech or management stuff, however a felicitation is not my cup of tea.

Robin the boy from Rajagiri came and told me that I must say about the great effort they have put in to conduct this seminar. I said I’ll do just that and he was immediately jittery about it. I said “Hey you and the entire team at Rajagiri have done a lot of work in organizing a national level seminar on Network Security and you need credit for it… ” I must say here that the kids and the college staff have indeed put in a lot of effort for this function.

Anyway, Robin insisted that I talk on something else and this was a challenge. What can a computer engineer talk…. We only write blogs… Not talk. Given below is the relevant portion of my speech at this function… :-)

I quote George Bernard Shaw,

If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas.

The computer world was similar to all of us having an apple each till some time back. And then the wise men from the industry made networks. Ideas started flowing all over and soon came in the internet. The internet has been the best thing that has happened to the computer world so far. It has created a platform where we can share our ideas.

With this wonderful platform also came in threats from people who wanted to get in and destroy these networks. We call these bad guys hackers, crackers, script kiddies, cyber criminals and so on… Their only mission is to destroy or access data which they are not supposed to in the first place. 

And thus network security.
To understand network security more, I’ll like to tell tell you a koan –

Once a lamb was drinking water in a mountain stream. A tiger came to drink the water a few yards above him, saw the lamb, and said, “Why are you muddying my stream?”
The lamb said, “How can I be muddying your stream? I’m down here and you’re up there?”
“But you did it yesterday.”
“I wasn’t even here yesterday!”
“Then it must have been your mother.”
“My mother had been dead for awhile. They took her away.”
“Then it must have been your father.”
“My father? I don’t even know who he is!
“I don’t care. It must have been your grandfather or great-grandfather who has been muddying my stream. So I am going to eat you!”, the tiger exclaimed. And with that he pounced on the lamb and made a meal of him.

This is exactly the way a hacker thinks. He looks for excuses to destroy a network. For us to catch a hacker the first and the most important rule is to understand and think like a hacker first.

We must understand that a hacker will hack or make an attempt to hack. It is, therefore, sensible to learn “how to prevent a hacker from doing a damage” rather than knowing “why they do the damage”.

I’ll like to tell you all another  story of one of the greatest con artists of our time –  Frank Abagnale Jr. … Steven Spielberg has made a movie of Abagnale’s novel – “Catch me if you can” . It is the story of a boy who  successfully impersonated an airline pilot, doctor, assistant attorney general and history professor, cashing more than $2.5 million in fraudulent checks in 26 countries.

A criminal-turned-celebrity, Abagnale’s now a turn-to man for some 14,000 financial institutions, corporations and law enforcement agencies (Abagnale says he has worked with 65 percent of the Fortune 500 and all 50 of the world’s largest banks),  he asserts that punishment for fraud and recovery of stolen funds are so rare that prevention is the only viable course of action. “I always knew I’d get caught,” Abagnale said. “Though the law sometimes sleeps, it never dies.

It is said that the – Fools learn from their own experience and the wise learn from others experience. I am sure all of us here are wise. What we need to do is understand and think like a hacker and not become one….

And finally, I’ll like to conclude with yet another Zen koan.

Once upon a time a  Zen Master received a university professor who came to inquire about Zen.
The Zen Master served tea. He poured his visitor’s cup full and then kept on pouring.
The professor watched the overflow until he could restrain himself no longer. “It is overfull. No more will go in!”
“Like this cup”, the Zen Master said, “you are full of your own opinions and speculations. How can I show you Zen unless you first empty your cup?”

My friends, most of us are like the university professor. What we need to do is first empty ourselves and learn. I do hope that this two day Conference is a wonderful learning experience to everybody here. I congratulate the organizers for this initiative. I am sure the success of this conference would lead to many more such initiatives by the kids from Rajagiri.