To the untrained eye it looked just like any computer screen. There were programs, files and the accumulated digital junk that sits on most people's desktops. But as I looked closely, I could begin to see everything that was happening: every document opened, every password entered, every program activated. It was as if I were looking at my own computer -- except I wasn't. What I was secretly observing was someone else's screen: after just three days of training, I had become a fully fledged hacker.
To be honest, it didn't take much effort. A basic grasp of how a computer works, a tiny bit of familiarity with programming and the ability to force yourself into a puzzling and sometimes tedious world are the raw ingredients for becoming a hacker. The key element though, as my tutor, Byrne Ghavalas, told me, is "intent": you have to want to think like a hacker to become one.
Ghavalas is no ordinary teacher, and this is no ordinary course. He describes himself as "a computer penetration expert" for 7Safe, the security specialists who jointly run the course with Glamorgan University in Wales as part of an MSc in computer forensics.
It serves a serious purpose: the Glamorgan course, split up into hacking and forensics modules, is one of the few in the UK where you can learn these skills legally. The aim is to teach computer security experts what to look out for when protecting against hackers -- by teaching them how they think.
My hacking classmates are all computer network engineers, whose jobs include keeping hackers out of the companies and public institutions for whom they work.
For, as Ghavalas reminds us, while thinking like a hacker may be "cool," acting like a hacker is not just uncool, it is also illegal and highly damaging. Police estimate that last year, hacking in all its forms cost the UK ?2.4 billion (US$4.2 billion), with ?177 million of that from small businesses.
The seriousness of our mission is underlined by our surroundings. We are taught inside a police college in Bedfordshire near London, where the doors slam locked behind you and everyone must wear identity passes at all times. We hone our skills from 9am to 6pm in a brightly lit, air-conditioned classroom where each bench has two sleek computers. The contrast with the real hackers -- our future opponents -- could hardly be more striking. The typical image of the hacker, after all, is of a lone, usually scruffy, young male, sitting in an attic bedroom through the night, trying to break into networks around the world.
This was certainly the image projected by the first generation of hackers, such as Hans Huebner, Kevin Mitnick and Matthew Bevan, known by their "handles" or nicknames. Huebner ("Pengo") and fellow German hacker Karl Koch ("Hagbard") sold defense secrets from the west to the KGB during the cold war. Mitnick, known on the Internet as "Condor", was the first to be convicted under US anti-hacking legislation in 1989, and was arrested and jailed for further offences in 1995. Meanwhile, the Welsh hacker Bevan ("Kuji") was arrested in 1996 for breaking into US air force networks.
Yet my fellow pupils and I have one thing in common with hackers -- we have to learn how to target a computer's weak points. I begin by understanding how a computer works, how it communicates and how it talks. This is when I realize that their basic flaws were there from the very start. I discover that computers talk in a strange sort of pidgin English -- a very basic language, restricted in size and sophistication by the small amount of memory available when computers were first developed. I learn phrases of that language, which is a bit like text speak -- "English lite" for computers.
Ghavalas points out that all computer operating systems have fundamental flaws. One is that, like the people who created them, they are by nature social beings. Say "hello" to a computer and its response will be "hello, who are you?" A computer is designed to respond to questions, yet as soon as it does it starts to leak vital information, data that can be and is used to commit cyber crime.
Our first lesson is in "sniffing" traffic; analyzing the data coming out of an Internet-enabled machine. I need more information, so I provoke my intended victim. The computer responds, emitting a little jet of information -- a mixture of message types and data. This means almost nothing to me, but with the help of some neat programs and a little expert guidance, I begin to discover more useful information about my target.
I find out the machine's name and address and, using a variety of hacking tools, a detailed picture begins to emerge. Gradually, I discover how many users that computer network has, how many programs are being run, and what kind of attack it might be vulnerable to.
When it comes to hacking, information really is power.
One ingenious program allows me to ask a computer for its password policy -- what the length of password is, how the company arrives at them and, eventually, where the passwords are stored.
Now it is time for the first hacking run, and after just three minutes, the first low-level passwords are broken. I am yet to gain the ultimate prize, the administrator's password which would let me control the entire computer and its network.
As my experience and knowledge increase, I can see why hacking is so addictive. It is easy to see why some hackers have a fondness for darkened rooms and green screens: there is an odd sense of immersion as you tunnel your way into a computer system. It is also voyeuristic. You feel as though you are on the other side of a two-way mirror -- there is a feeling of power, achievement and acute excitement caused by knowing you could be caught at any moment.
At some point during all this I also start to sense what many cyber-cops believe, that hackers break down into three main groups.
So far I had been playing in the kindergarten of the joyriding "script kiddies." This is where people intent on hacking can find off-the-shelf tools to help them exploit known weaknesses in computer systems. Once I had reached this level, I then felt the urge to do even more, and this is where danger for the unwary lies. They go that little bit further, becoming known in the jargon as a "cracker," and then they are hooked -- and get caught.
One example is Briton Gary McKinnon, who is fighting extradition to the US. If he fails, he will face a 78-year jail sentence from US courts for hacking into the US military computer network. By his own admission McKinnon is not a great hacker: he simply discovered that much of the US military computer network used a particular route, and that a lot of them used passwords such as "admin" and "password."
Both these groups -- hackers who get caught and script kiddies -- use hacking tools that have already been created. Out in cyberspace there are Web sites where you can buy or find these easily enough.
These include sites where someone will sell you stolen credit card numbers, and those where for ?200 (US$350) you get penetration code adapted to run on any computer without alerting most security software.
However, someone has to create this endless stream of programs in the first place -- and these people are the uber-hackers. They are also rumored to know of "zero day releases": flaws in computer code that nobody else knows about, which they exploit until they have no further use for -- at which point they throw them to the script kiddies.
Only then do companies such as Microsoft work out a fix for the weaknesses that the uber-hackers have exploited. By definition, of course, no one can be sure just who these elite hackers are -- precisely because they never get caught.
"There is no doubt in our minds that uber-hackers are out there, people who are ahead of the game," says Alan Philips, 7Safe's managing director. "Maybe they just want money, maybe they just like the thrill of knowing some weakness that no one else knows, maybe they have tried it out and are scared of being caught."
Their presumed presence, however, is why his firm runs the hacking course -- from which, three days later, I graduate. "We want people to understand just what the top hackers can really do," says Philips.
Knowing what I can do after just a few days' training, that is quite a scary thought.
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Singaporean Prime Minister Lee Hsien Loong’s (李顯龍) decision to step down after 19 years and hand power to his deputy, Lawrence Wong (黃循財), on May 15 was expected — though, perhaps, not so soon. Most political analysts had been eyeing an end-of-year handover, to ensure more time for Wong to study and shadow the role, ahead of general elections that must be called by November next year. Wong — who is currently both deputy prime minister and minister of finance — would need a combination of fresh ideas, wisdom and experience as he writes the nation’s next chapter. The world that
Can US dialogue and cooperation with the communist dictatorship in Beijing help avert a Taiwan Strait crisis? Or is US President Joe Biden playing into Chinese President Xi Jinping’s (習近平) hands? With America preoccupied with the wars in Europe and the Middle East, Biden is seeking better relations with Xi’s regime. The goal is to responsibly manage US-China competition and prevent unintended conflict, thereby hoping to create greater space for the two countries to work together in areas where their interests align. The existing wars have already stretched US military resources thin, and the last thing Biden wants is yet another war.
Since the Russian invasion of Ukraine in February 2022, people have been asking if Taiwan is the next Ukraine. At a G7 meeting of national leaders in January, Japanese Prime Minister Fumio Kishida warned that Taiwan “could be the next Ukraine” if Chinese aggression is not checked. NATO Secretary-General Jens Stoltenberg has said that if Russia is not defeated, then “today, it’s Ukraine, tomorrow it can be Taiwan.” China does not like this rhetoric. Its diplomats ask people to stop saying “Ukraine today, Taiwan tomorrow.” However, the rhetoric and stated ambition of Chinese President Xi Jinping (習近平) on Taiwan shows strong parallels with