ARAb StAtES diSMAyEd At WESt'S cOMPlAcENcy - Kuwait Times
ARAb StAtES diSMAyEd At WESt'S cOMPlAcENcy - Kuwait Times ARAb StAtES diSMAyEd At WESt'S cOMPlAcENcy - Kuwait Times
SATURDAY, MAY 4, 2013 TECHNOLOGY In battle against cyberattacks, hackers wear the ‘white hats’ Tearing apart computer programs to find vulnerabilities WASHINGTON: He’s 26, likes industrial and electronic music, has a bleached-blond Mohawk haircut and sometimes, Mikhail Davidov said, he starts his day “at the crack of noon.” The late hours are in front of a computer, working on reverse engineering, tearing apart computer programs to find their vulnerabilities. Sometimes he works 18 hours straight. “There are few hackers out there who are ‘morning people,’ “ Davidov said. These days, the front lines for security don’t only include soldiers carrying weapons. They include computer whiz kids like Davidov, who works for the Leviathan Security Group, a 20-person firm that operates out of second-floor offices in a renovated 1918 building in Seattle. Chad Thunberg, chief operating officer of Leviathan, said he can relate to Davidov, remembering his own younger days. Thunberg, who is 35 and married with two children, said, “I’m considered a grandpa in my industry. There was a time when I was the Mikhail equivalent. You live and breathe security.” Cyberattacks are costing corporations and consumers - a lot. In a six-year span starting in 2005, data breaches in 33 countries, including the US, cost the firms involved more than $156 billion, according to the nonprofit Digital Forensics Association. Every second, in various parts of the world, there are 18 cybercrime victims - some 1.6 million a day - according to a 2012 Norton by Symantec study. On Friday, the Wenatchee World newspaper reported that a Leavenworth, Wash., hospital said hackers stole more than $1 million from the hospital’s electronic bank account. The Chelan County, Wash., treasurer said it had been able to retrieve about $133,000 by notifying recipient bank accounts, most in the Midwest and East Coast. And the Associated Press reported that LivingSocial, an online deals site, said Friday that its website was hacked and the personal data of more than 50 million customers may have been affected - names, email addresses, date of birth of some users and encrypted passwords. Then there are the Chinese hackers, who blasted into the news in February when Mandiant, an Internet security firm, released a report saying that a group linked to the People’s Liberation Army had systemically stolen confidential data from at least 141 American firms. In his State of the Union address, President Barack Obama warned, “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions and our air traffic control systems.” That makes Internet security a booming industry, at an estimated nearly $1 billion a year in 2012, according to the consulting firm Frost & Sullivan. Another “white hat” hacker is Adam Cecchetti, 31, who used to work at Leviathan and then in 2010 became one of the founders of Deja vu Security, which operates out of a second-floor renovated loft in Seattle’s Capitol Hill. Sometimes, he has colored his hair blue. Davidov and Cecchetti are on the front lines of fighting off the “black hat” hackers. Yes, that is how they describe their enemy. The latter includes those sending out phishing emails that look like they came from a legitimate source but are fakes trying to get your passwords and credit-card information. Or maybe they are black hats trying to compromise a company’s website just so they can boast about it in hacker circles. For the white hats, their unique skill at finding where a program is vulnerable and how to close the digital doors that the black hats use to penetrate a website is worth $120,000 to $130,000 a year, Thunberg said. “Companies are being attacked by bad people, and if they want to defend themselves, they have to attract these scarce people,” he said. “There are maybe 1,000 individuals of this nature in the world. They have this unique hacker mind-set.” Their clients aren’t exactly keen to publicize that they seek Internet security, said Thunberg, and that’s often written into their contracts with Leviathan. Thunberg said his company’s average contract size is for around $70,000. Citing privacy, he said only that most are Fortune 1000 companies. But one client that didn’t mind talking is a Washington, DCbased company called Silent Circle. For $20 a month, it offers a service that encrypts voice, text and video on a user’s smartphone, tablet or computer. Their customers, said Jon Callas, Silent Circle’s chief technical officer, include US businesses “doing work in China and Eastern Europe and other places where they don’t want their phone calls tapped.” His company, Callas said, hired Leviathan to evaluate the encrypting software for vulnerabilities and fix them. “They helped us find problems before anybody else did,” said Callas. At Deja vu Security, Cecchetti said, work that they’ve done includes posing as new employees at a financial institution, given the standard access to computers. Firms routinely give computer “administrative privileges” to only a handful of individuals. But, Cecchetti said, “within a couple of weeks, we had basically control of the entire organization and could access pretty much anything we wanted.” Deja vu put together “a very large report” on how to fix things, he said. Hackers such as Davidov and Cecchetti have certain similarities. For one thing, they started tinkering with computers when they were kids, and that passion never stopped. Cecchetti grew up in Greensburg, Pa. He helped start a computer club in high school and said that although he ran track and played soccer, “I was plenty nerdy.” As a teen in the 1990s, he was programming video games and went on to creating simple websites, before they had become ubiquitous. Cecchetti earned a master’s from Carnegie Mellon University in electrical and computer engineering, and ended up in Seattle in 2005, working for Amazon to keep black hats from breaking in. Davidov is the son of Russian immigrants. His father worked at a tech firm in Moscow and got a visa to come to the US in 1995, moving the family to Woodinville, Wash. But even in the old country, when he was 5, Davidov said, he was using a computer his father brought home, “playing little DOS games,” the early operating system. By his teen years, Davidov was hacking into video games so he could beat them. Having promised his parents that he’d go to college, Davidov enrolled at the DigiPen Institute of Technology in Redmond, Wash., and earned a fouryear degree in “Real-Time Interactive Simulation.” Said Davidov, “That means I know video games.” It is the ability to look at programs over, under, sideways and down that makes a Davidov so valuable, and in such short supply. At the University of Washington’s renowned Computer Science and Engineering program, out of nearly 50 faculty members, “we have one full-time faculty member, Yoshiro Kohno, who is a superstar in computer security, but we’re hoping to grow in that area in the near future,” said its chairman, Hank Levy. But even with more college classes in cybersecurity, it is realworld experience that is needed, said Davidov. Outside of a school’s lab, he said, it all gets “much grander in scope.” There are also personal aspects, he said, such as when he delivers a report to developers who had spent a long time working on a program, and he points out its security flaws. The developers, he said, “can get a little defensive, and it can become a little confrontational.” For both Davidov and Cecchetti, it was a conscious, and simple, decision to become a white hat. Said Cecchetti, “I’m not in this business to harm people, or to take Grandma’s savings, or deface somebody’s website.” There is plenty of money to be made in Internet security. “Things are very good,” Cecchetti said about Deja vu, which has a staff of a dozen. Companies pay for security because getting hacked can cost plenty. At Leviathan, SEATTLE: Mikhail Davidov (right) is a senior security consultant with the 20-person Leviathan Security Group. Duncan Smith (left) is his colleague. A Leviathan official says most of their clients are Fortune 1000 companies. — MCT on one of the brick walls are a dozen or so framed exotic bugs. Chad Thunberg, as one of Leviathan’s bosses at the 20-person company, said that every time the company finds “a big-deal” bug in software, up goes another display insect. At Deja vu, a small gong gets banged when there is some good news. “Deja vu” is a very specific reference point in the hacker mentality. Cecchetti said it’s from the 1999 movie “The Matrix,” which he figures he’s seen 10 or 20 times. The hero, played by Keanu Reeves, is a hacker in a future time in which humans live in an artificial reality. In the movie, Reeves sees a black cat walk by, and then immediately sees the same black cat walk by again. “Whoa. Deja vu,” he says. It turns out that “deja vu” is a glitch in the matrix, and happens when something is changed in that cyberspace reality. The logo for Deja vu Security even has a black cat. Cecchetti now is one of those who hires, and said that when interviewing applicants, he wants to know, “Can they see things from the perspective of a hacker, gleeful to see how things are made? They need to want to peel away the layers. What happens if I make a very small change in the system?” If you can do that, you can come to the office in any hairstyle you want. “It’s usually a little bit of a shock,” Davidov said about how some clients react to his Mohawk. “But once they start seeing the output of the work we do, they find it almost endearing.”— MCT
SATURDAY, MAY 4, 2013 TECHNOLOGY Clean technology investors shift focus to drilling NEW YORK: A decade ago, large investors in so-called clean technology had a straightforward goal: finance companies that would help eliminate the world’s dependence on oil, natural gas and coal. But as profits from wind, solar, biofuels and other alternatives consistently fell short of expectations - and as the fossil fuel business boomed - things got complicated. Venture capitalists and other investment funds started stretching the definition of clean technology almost beyond recognition in an effort to make money while clinging to their environmental ideals. Today, clean technology investment funds are not trying to replace the fossil fuel industry, they’re trying to help it by financing companies that can make mining and drilling less dirty. The people running these funds acknowledge the apparent hypocrisy, but defend a more liberal definition of clean technology. “Oil and gas will be with us for a long time. If we can clean that up we will do the world a great service,” says Wal van Lierop, CEO of Chrysalix, a Vancouver, Canada-based venture capital firm founded in 2001. Chrysalix still backs companies that fit the more traditional definition of clean energy - including Bridgelux, which makes more efficient light bulbs, and Agilyx, which turns plastic waste into fuel. But the firm, whose website boasts that it is “100 percent focused on clean energy” is a backer of MineSense, which helps miners operate more efficiently by assessing the quality of ore as it is being scooped. It also supports GlassPoint, which helps drillers extract more oil by using steam generated with solar power. Environmentalists have mixed feelings. They welcome technologies that reduce the environmental footprint of oil and gas development. But they worry the newfound abundance of oil and natural gas - and all the money that can be made helping drillers - has distracted clean technology backers from what once seemed to be their main goal: to make oil and gas a thing of the past. Mark Brownstein, who runs the energy and climate program at the Environmental Defense Fund, says “some don’t have the stomach for that and are simply going with the flow.” The shift has made even those who are helping to drive it squirm. “We’ve wrestled with it,” says Alan Salzman, managing partner of VantagePoint Capital Partners, one of Silicon Valley’s most prominent venture firms focused on clean technology. “If someone comes up with a more benign way of (exploiting fossil fuels), is that a good thing or a bad thing?” If fossil fuels become more palatable to society, Salzman says, we may end up burning more of them. Ten years ago it seemed as if the world was running out of oil, and what was left of it was in the Middle East. Oil and natural gas prices spiked to alarming highs. And scientists showed that fossil fuels were causing troubling changes to the climate. Pushing for an end of the fossil age made sense for economic, political and environmental reasons. This had Silicon Valley venture capitalists drooling. “Cleantech” as they called it, would be the next big thing. And it was going to be very, very big. These firms saw a chance to profit from what many thought would be the biggest economic shift in history - from fossil energy to renewable energy. But the new energy technologies proved much harder to master than predicted. And oil and gas drillers, using technology advances of their own, learned how to unlock enormous new reserves of fossil fuels. Dozens of solar, biofuels and battery companies failed, unable to show enough promise to go public or attract the attention of bigger companies. “Investors are still waiting for their cleantech investments to produce returns,” says Dallas Kachan, who runs the San Francisco clean technology consulting firm Kachan & Co. “Nobody’s seen the stellar home runs they were hoping for 5 years ago.” Even when clean energy companies have gone public, they haven’t fared well. An index of clean energy companies is down 69 percent since it began in 2005. A similar index of traditional energy companies is up 75 percent over the same period. The value of global clean technology deals fell 29 percent last year to $7 billion, from a record $9.9 billion in 2011, according to the Cleantech Group. But the portion of that sum focused on conventional fossil fuels nearly tripled, to a record $556 million. A few clean technology investors have stayed away from oil and gas despite the temptation. Khosla Ventures, for example, has been a major backer of advanced biofuels even as most of these companies have failed to live up to their promise. The firm does not invest in companies that support fossil fuels. But the drilling boom has led to countless investments in this gray area between clean and dirty. Axine, which is backed by Chrysalix and Royal Dutch Shell, wants to make the drilling process known as fracking less dangerous by treating wastewater produced during drilling without chemicals.—AP Mobile ads lift Facebook NEW YORK: A year ago, Facebook was just testing the waters of mobile advertising, causing plenty of headaches for investors ahead of its massive initial public offering. It has since eased those worries. On Wednesday the world’s biggest social networking company said nearly a third of its advertising revenue came from mobile in the first three months of the year, helping to push total revenue up 38 percent to surpass Wall Street’s expectations. “They are making the transition to mobile faster than anyone anticipated,” said Sterne Agee analyst Arvind Bhatia. “It seems like they are delivering.” Facebook Inc said Wednesday that its net income was $219 million, or 9 cents per share, in the January-March period. That’s up from $205 million, or 9 cents per share, in the same period a year ago, when it was still private. Revenue grew to $1.46 billion from $1.06 billion, above analysts’ expectations of $1.44 billion. Excluding special items, mainly related to stock compensation expenses, Facebook earned 12 cents per share, matching the average of analyst expectations, according to FactSet. Menlo Park, Calif.-based Facebook said that its mobile advertising revenue was 30 percent of its total ad revenue in the first quarter, amounting to $375 million. That’s up from 23 percent, or $306 million, in the fourth quarter. In the third quarter - the first time it disclosed such figures - the company generated 14 percent, or $153 million, of its advertising revenue from mobile. Investors had been worried about Facebook’s ability to grow mobile revenue since before its initial public offering in May 2012. That’s because although the number of people who access Facebook on smartphones and tablet computers has been growing quickly, Facebook didn’t begin showing ads to those users until last year. David Ebersman, Facebook’s chief financial officer, said most advertisers did not specify that their ads be shown only on desktop computers or only on mobile devices, “rather they put their ads into our system and allow us to show the ads on whatever device where the ads will perform best.” Bhatia thinks Facebook will fare even better on mobile devices once Zuckerberg firms up its plan to make money from the growing audience checking into Instagram, a photo-sharing service that the company bought last year for $521 million. The analyst believes Instagram will play a bigger role in Facebook’s business next year.—AP WCup host Brazil promises fast Internet connections Fans may use 3G wireless network BRASILIA: Soccer fans attending next year’s World Cup in Brazil will have no problem going online from stadiums, but they might want to use a local cellphone chip to keep their charges low, Brazilian Communications Minister Paulo Bernardo said on Thursday. Each of the 12 stadiums hosting the 32-nation soccer tournament will have two separate 50-gigabyte networks connected to Brazil’s fiber optic backbone, he told reporters. “I doubt that the stadiums will use one third of the capacity that we are installing,” Bernardo said. “Not even Mr Jerome Valcke will use up all that capacity, though he could if he makes a lot of explosive statements,” the minister said in reference to the general secretary of FIFA, the governing body of global soccer. Valcke was briefly declared persona non grata by the Brazilian government last year for saying Brazil needed a “kick up the backside” to speed up preparations for the World Cup. Though relations between Brazil and Valcke have improved since, FIFA remains concerned about construction delays for the stadiums that will host the games. It has also expressed worries about the readiness of hotel, transport and communications facilities. Brazil has yet to officially open two of the six stadiums that will be used for the Confederations Cup, a dress rehearsal for the 2014 tournament. The smaller contest kicks off on June 15 with Japan facing the host country in the capital, Brasilia. More than half a million soccer fans are expected to travel to Brazil next year for the World Cup. Many will be emailing and posting photos on social networks during the games, congesting local wireless networks. Brazil officially launched the latest fourth generation (4G) wireless technology this week, and the service will be available at the stadiums and in the host cities for the Confederations Cup. But the majority of foreign fans will not be able to use it. That is because most smartphones in the United States and Europe use the 700 MHz frequency, while Brazil’s 4G network uses 2.5 GHz. “Whoever has a 700 MHz cellphone will not be able to use 4G, they will have to use 3G,” Bernardo said. The minister recommended that fans leave their cellphones at home to avoid paying “scorching” international roaming fees, and instead get a local chip on arrival in Brazil. Brazil’s wireless infrastructure is among FIFA’s top concerns ahead of the World Cup. FIFA spokesman Walter de Gregorio said last month Brazil BRASILIA: Brazilian Minister of Communications, Paulo Bernardo offers an interview to the Foreign Correspondents Association at the Ministry in Brasilia. Bernardo talked about the advances of the telecommunications in the country and the preparations ahead of FIFA’s Confederations Cup in 2013 and World Cup in 2014. — AFP should maybe fix its 3G network before jumping to 4G. The number of 3G users in Brazil has grown “explosively” to 70 million since the technology was introduced in 2008, and is expected to grow to 130 million by the end of 2014, Bernardo said. Brazilians complain the service provided by local cellphone companies is poor, with connections dropping regularly and signals congesting at crowded events such as music festivals. Paying for access to Wi-Fi may be the best means of communications at the World Cup for those wanting to capture the excitement of the games and post it on social networks. Ample high-speed Wi-Fi access will be good news for the heaviest users of broadband at any major sporting event: the media, who rely on the Internet to send out pictures and video images. — Reuters
- Page 1 and 2: SUBSCRIPTION Swimming pools in Kuwa
- Page 3 and 4: SATURDAY, MAY 4, 2013 Merging proje
- Page 6 and 7: SATURDAY, MAY 4, 2013 Brothers, sis
- Page 8 and 9: SATURDAY, MAY 4, 2013 INTERNATIONAL
- Page 10 and 11: SATURDAY, MAY 4, 2013 INTERNATIONAL
- Page 12 and 13: SATURDAY, MAY 4, 2013 Malaysia oppo
- Page 14 and 15: SATURDAY, MAY 4, 2013 A water dropp
- Page 16 and 17: SATURDAY, MAY 4, 2013 Qatar extends
- Page 18 and 19: SATURDAY, MAY 4, 2013 Paul Otellini
- Page 20 and 21: SATURDAY, MAY 4, 2013 BUSINESS MOGA
- Page 22 and 23: SATURDAY, MAY 4, 2013 The couple -
- Page 24 and 25: SATURDAY, MAY 4, 2013 Actor Robert
- Page 26 and 27: SATURDAY, MAY 4, 2013 Director says
- Page 28 and 29: SATURDAY, MAY 4, 2013 In this June
- Page 32 and 33: SATURDAY, MAY 4, 2013 TV listings 0
- Page 34 and 35: SATURDAY, MAY 4, 2013 WHAT’S ON P
- Page 36 and 37: SATURDAY, MAY 4, 2013 BOSTON: Carme
- Page 38 and 39: Al-Madena 22418714 Al-Shohada’a 2
- Page 40 and 41: SATURDAY, MAY 4, 2013 Word Search Y
- Page 42 and 43: SATURDAY, MAY 4, 2013 New-look Capi
- Page 44 and 45: SATURDAY, MAY 4, 2013 sports Sincla
- Page 46 and 47: SATURDAY, MAY 4, 2013 SPORTS German
- Page 48: SATURDAY, MAY 4, 2013 Sports Atleti
SATURDAY, MAY 4, 2013<br />
TECHNOLOGY<br />
In battle against cyberattacks,<br />
hackers wear the ‘white hats’<br />
Tearing apart computer programs to find vulnerabilities<br />
WASHINGTON: He’s 26, likes industrial and electronic music,<br />
has a bleached-blond Mohawk haircut and sometimes, Mikhail<br />
Davidov said, he starts his day “at the crack of noon.” The late<br />
hours are in front of a computer, working on reverse engineering,<br />
tearing apart computer programs to find their vulnerabilities.<br />
Sometimes he works 18 hours straight. “There are few hackers<br />
out there who are ‘morning people,’ “ Davidov said.<br />
These days, the front lines for security don’t only include soldiers<br />
carrying weapons. They include computer whiz kids like<br />
Davidov, who works for the Leviathan Security Group, a 20-person<br />
firm that operates out of second-floor offices in a renovated<br />
1918 building in Seattle. Chad Thunberg, chief operating officer<br />
of Leviathan, said he can relate to Davidov, remembering his<br />
own younger days. Thunberg, who is 35 and married with two<br />
children, said, “I’m considered a grandpa in my industry. There<br />
was a time when I was the Mikhail equivalent. You live and<br />
breathe security.”<br />
Cyberattacks are costing corporations and consumers - a lot.<br />
In a six-year span starting in 2005, data breaches in 33 countries,<br />
including the US, cost the firms involved more than $156 billion,<br />
according to the nonprofit Digital Forensics Association. Every<br />
second, in various parts of the world, there are 18 cybercrime<br />
victims - some 1.6 million a day - according to a 2012 Norton by<br />
Symantec study.<br />
On Friday, the Wenatchee World newspaper reported that a<br />
Leavenworth, Wash., hospital said hackers stole more than $1<br />
million from the hospital’s electronic bank account. The Chelan<br />
County, Wash., treasurer said it had been able to retrieve about<br />
$133,000 by notifying recipient bank accounts, most in the<br />
Midwest and East Coast. And the Associated Press reported that<br />
LivingSocial, an online deals site, said Friday that its website was<br />
hacked and the personal data of more than 50 million customers<br />
may have been affected - names, email addresses, date of birth<br />
of some users and encrypted passwords.<br />
Then there are the Chinese hackers, who blasted into the<br />
news in February when Mandiant, an Internet security firm,<br />
released a report saying that a group linked to the People’s<br />
Liberation Army had systemically stolen confidential data from<br />
at least 141 American firms. In his State of the Union address,<br />
President Barack Obama warned, “Now our enemies are also<br />
seeking the ability to sabotage our power grid, our financial<br />
institutions and our air traffic control systems.”<br />
That makes Internet security a booming industry, at an estimated<br />
nearly $1 billion a year in 2012, according to the consulting<br />
firm Frost & Sullivan. Another “white hat” hacker is Adam<br />
Cecchetti, 31, who used to work at Leviathan and then in 2010<br />
became one of the founders of Deja vu Security, which operates<br />
out of a second-floor renovated loft in Seattle’s Capitol Hill.<br />
Sometimes, he has colored his hair blue. Davidov and Cecchetti<br />
are on the front lines of fighting off the “black hat” hackers. Yes,<br />
that is how they describe their enemy.<br />
The latter includes those sending out phishing emails that<br />
look like they came from a legitimate source but are fakes trying<br />
to get your passwords and credit-card information. Or maybe<br />
they are black hats trying to compromise a company’s website<br />
just so they can boast about it in hacker circles. For the white<br />
hats, their unique skill at finding where a program is vulnerable<br />
and how to close the digital doors that the black hats use to<br />
penetrate a website is worth $120,000 to $130,000 a year,<br />
Thunberg said.<br />
“Companies are being attacked by bad people, and if they<br />
want to defend themselves, they have to attract these scarce<br />
people,” he said. “There are maybe 1,000 individuals of this<br />
nature in the world. They have this unique hacker mind-set.”<br />
Their clients aren’t exactly keen to publicize that they seek<br />
Internet security, said Thunberg, and that’s often written into<br />
their contracts with Leviathan. Thunberg said his company’s<br />
average contract size is for around $70,000. Citing privacy, he<br />
said only that most are Fortune 1000 companies.<br />
But one client that didn’t mind talking is a Washington, DCbased<br />
company called Silent Circle. For $20 a month, it offers a<br />
service that encrypts voice, text and video on a user’s smartphone,<br />
tablet or computer. Their customers, said Jon Callas,<br />
Silent Circle’s chief technical officer, include US businesses<br />
“doing work in China and Eastern Europe and other places<br />
where they don’t want their phone calls tapped.” His company,<br />
Callas said, hired Leviathan to evaluate the encrypting software<br />
for vulnerabilities and fix them. “They helped us find problems<br />
before anybody else did,” said Callas.<br />
<strong>At</strong> Deja vu Security, Cecchetti said, work that they’ve done<br />
includes posing as new employees at a financial institution, given<br />
the standard access to computers. Firms routinely give computer<br />
“administrative privileges” to only a handful of individuals.<br />
But, Cecchetti said, “within a couple of weeks, we had basically<br />
control of the entire organization and could access pretty much<br />
anything we wanted.” Deja vu put together “a very large report”<br />
on how to fix things, he said.<br />
Hackers such as Davidov and Cecchetti have certain similarities.<br />
For one thing, they started tinkering with computers when<br />
they were kids, and that passion never stopped. Cecchetti grew<br />
up in Greensburg, Pa. He helped start a computer club in high<br />
school and said that although he ran track and played soccer, “I<br />
was plenty nerdy.” As a teen in the 1990s, he was programming<br />
video games and went on to creating simple websites, before<br />
they had become ubiquitous. Cecchetti earned a master’s from<br />
Carnegie Mellon University in electrical and computer engineering,<br />
and ended up in Seattle in 2005, working for Amazon to<br />
keep black hats from breaking in.<br />
Davidov is the son of Russian immigrants. His father worked<br />
at a tech firm in Moscow and got a visa to come to the US in<br />
1995, moving the family to Woodinville, Wash. But even in the<br />
old country, when he was 5, Davidov said, he was using a computer<br />
his father brought home, “playing little DOS games,” the<br />
early operating system. By his teen years, Davidov was hacking<br />
into video games so he could beat them. Having promised his<br />
parents that he’d go to college, Davidov enrolled at the DigiPen<br />
Institute of Technology in Redmond, Wash., and earned a fouryear<br />
degree in “Real-Time Interactive Simulation.”<br />
Said Davidov, “That means I know video games.” It is the ability<br />
to look at programs over, under, sideways and down that<br />
makes a Davidov so valuable, and in such short supply. <strong>At</strong> the<br />
University of Washington’s renowned Computer Science and<br />
Engineering program, out of nearly 50 faculty members, “we<br />
have one full-time faculty member, Yoshiro Kohno, who is a<br />
superstar in computer security, but we’re hoping to grow in that<br />
area in the near future,” said its chairman, Hank Levy.<br />
But even with more college classes in cybersecurity, it is realworld<br />
experience that is needed, said Davidov. Outside of a<br />
school’s lab, he said, it all gets “much grander in scope.” There<br />
are also personal aspects, he said, such as when he delivers a<br />
report to developers who had spent a long time working on a<br />
program, and he points out its security flaws. The developers, he<br />
said, “can get a little defensive, and it can become a little confrontational.”<br />
For both Davidov and Cecchetti, it was a conscious, and simple,<br />
decision to become a white hat. Said Cecchetti, “I’m not in<br />
this business to harm people, or to take Grandma’s savings, or<br />
deface somebody’s website.” There is plenty of money to be<br />
made in Internet security. “Things are very good,” Cecchetti said<br />
about Deja vu, which has a staff of a dozen. Companies pay for<br />
security because getting hacked can cost plenty. <strong>At</strong> Leviathan,<br />
SEATTLE: Mikhail Davidov (right) is a senior security consultant with the 20-person Leviathan Security Group. Duncan Smith<br />
(left) is his colleague. A Leviathan official says most of their clients are Fortune 1000 companies. — MCT<br />
on one of the brick walls are a dozen or so framed exotic bugs.<br />
Chad Thunberg, as one of Leviathan’s bosses at the 20-person<br />
company, said that every time the company finds “a big-deal”<br />
bug in software, up goes another display insect. <strong>At</strong> Deja vu, a<br />
small gong gets banged when there is some good news.<br />
“Deja vu” is a very specific reference point in the hacker mentality.<br />
Cecchetti said it’s from the 1999 movie “The Matrix,”<br />
which he figures he’s seen 10 or 20 times. The hero, played by<br />
Keanu Reeves, is a hacker in a future time in which humans live<br />
in an artificial reality. In the movie, Reeves sees a black cat walk<br />
by, and then immediately sees the same black cat walk by again.<br />
“Whoa. Deja vu,” he says. It turns out that “deja vu” is a glitch in<br />
the matrix, and happens when something is changed in that<br />
cyberspace reality. The logo for Deja vu Security even has a<br />
black cat.<br />
Cecchetti now is one of those who hires, and said that when<br />
interviewing applicants, he wants to know, “Can they see things<br />
from the perspective of a hacker, gleeful to see how things are<br />
made? They need to want to peel away the layers. What happens<br />
if I make a very small change in the system?” If you can do<br />
that, you can come to the office in any hairstyle you want. “It’s<br />
usually a little bit of a shock,” Davidov said about how some<br />
clients react to his Mohawk. “But once they start seeing the output<br />
of the work we do, they find it almost endearing.”— MCT
Change language