Skip to Main Content
To learn security skills, students and developers must be able to switch from their traditional conditioning to the attacker's way of thinking. Exposure to the hacker culture through hacker conferences such as Defcon and others, Phrack and similar publications, and to comprehensive collections such as Packet Storm helps provide the necessary culture slunk or "a-ha" moment and should be integral to every in-depth security curriculum. Recipes for preventing particular kinds of exploits are only a small part of the value these materials provide. The primary and much underappreciated value of these sources lies in facilitating a deeper understanding of the underlying systems by exposing their designers' implicit assumptions and concentrating the students' and developers' attention on the bigger picture of the system and its environment, especially on issues typically glossed over.