University Of Calgary To Offer Course On Spam 283
jrcsnet writes "CBC is reporting that the University of Calgary is going to be adding yet another controversial course (The first, on computer viruses, was covered on Slashdot a while back). According to the article, 'Students will be taught how to write programs that create e-mail spam as well as spy software.' While there must be some benefit for everyone else by creating programs to work against these nuisances, is it worth the risk to the rest of us or even to the potential careers of the graduates of the course?"
Suspects (Score:5, Funny)
What's next? A course on editing child porn photos digitally?
Next up... (Score:5, Funny)
Next are courses on Recreational Pharmaceutical Agriculture, Distribution, and Marketing.
Re:Next up... (Score:3, Funny)
Re:Next up... (Score:3, Funny)
Re:Next up... (Score:5, Funny)
Software doesn't spam mailboxes... (Score:2)
Outlaw people, not software. :-)
Re:Next up... (Score:2)
Except that would be good for society. Spam isn't.
Re:Suspects (Score:2)
The next courses will be "Adultery 101" and "How to Abuse your Employees Within the Letter of the Law 203"
Re:Suspects (Score:3, Insightful)
I have myself learned how to hack into computers. I know how damn easy it is, if you make just a few little mistakes when securing your computer. Because I know that, I try to avoid those mistakes very much.
Making a program that sends spam is easy. Anyone with programming skills can do it. But if you actually do it, you will have to fight with the same problems that spammer do, and by doing that, you will le
Re:Suspects --MOD UP (Score:2)
Re:Suspects (Score:3, Informative)
FYI : Calgary is in Canada.
Sweet (Score:2, Funny)
Re:Sweet (Score:2)
Alberta (Score:4, Funny)
And now for some off-topic fun (Score:3, Informative)
If this province is right-wing, well at least they've done right-wing "right" (ie: correctly). The taxes here are
I disagree (Score:2)
Klein is running public services into the ground despite the fact that our provincial debt is completely gone (so this giant surplus can actually go towards services again). I suspect he's doing this so he can save the day by privatising them.
Also, while young people are often liberal, I see religious nuts that are as bad as when I lived in Houston.
Re:I disagree (Score:2)
Re:And now for some off-topic fun (Score:2)
Used to be if you wanted to sell a(n interesting) car in Canada you'd sell it in the US to get the most $. These days you sell it in Calgary.
Re:And now for some off-topic fun (Score:2)
Re:Alberta (Score:2)
Re:Off Topic (Score:2)
Re:Off Topic (Score:3, Funny)
Re:Alberta (Score:2)
But wherever I go in BC, there's always a bunch of paranoid potheads with a nice big grow-op in the backyard. It's a miracle the province ever gets anything accomplished.
Man, I really miss BC. Alberta is still nice and all, but honestly, there's only so many farmers/rednecks you can handle.
Re:Alberta (Score:3, Funny)
As a former Edmontonian now living in Vancouver, I can only come up with one explanation:
All things are relative. If you can't think of anybody in Edmonton who you'd consider a conservative then chances are that you're waaay out there.
To make things less ambiguous, the 'is' after 'myself' should be after 'everyone'
No Tuition Worries! (Score:5, Funny)
It's things like this that keep the word 'almost' in my motto 'I'm almost always proud to be Canadian'.
Possible backlash (Score:2)
[reply]
Dude, you're supposed to spam people OUTSIDE THE SCHOOL, YOU MORON!
(Click)
Message sent.
Re:No Tuition Worries! (Score:2)
I presume another of the things is that your government enshrines the right of couples to use Sharia law to solve divorce arbitrations when all parties agree?
Re:A Little Harsh (Score:2)
You can whine all you want about content filtering, but spam is only about consent, not about content.
Greed (Score:2, Funny)
Re:Greed (Score:2)
Though I doubt the administration has anything to do with it. It's a very high level course with small size, the kind that's typically snapped up by undergrads in their last year, and it requires permission to enrol. The faculty doesn't like courses like that.
Instead, they like to make it easy for large numbers of undergrads in earlier years to get into easy courses with lots of group work (so they don't all have to know wha
Soo.... (Score:3, Insightful)
Either this is some kinda freaky pyramid scheme or I just entered the Twilight Zone...
Re:How to spam others easily... (Score:2)
Uhhh... (Score:5, Insightful)
- sm
Re:Uhhh... (Score:5, Insightful)
I agree, but the truth of the matter is, there is money being made in spam. Nevermind the fact that 99+% of the people being spammed hate it and hate the spammers. Now if I were an alumni of this University, they could kiss my shiney white backside before I would ever give them another dime.
Now the story does say "The aim is to develop new ways to fight these online nuisances." I read this and I see a whole new problem.... They write the spamming software and sell it, then write the anti-spamming software and sell it. This course will do nothing more than make problems worse.
When I see things like this course being offered, and things like this story [telegraph.co.uk], I no longer belive that what is right matters, it's all about the money or just being plain annoying to as many people as possible . I for one will not shed a tear if the University of Calgary burns to the ground for this as long as no one is hurt (no, I'm not saying it should be torched). What ever happened to doing things to help yourself and/or others?
Spammers remind me of the kid(s) in school who everyone ignored or avoided, only now they have found a way to make people pay attention to them, and they're getting even. I just wish I could burn my email addresses.
Re:Uhhh... (Score:2)
You are just coming to this realization now? Wake up and smell the stock options, man. It's been that way for at least 30 years.
Re:Uhhh... (Score:2)
What? WHAT?!?!
You mean it used to be different?
"I prescribe fire, and lots of it" (Score:2)
Re:Uhhh... (Score:2)
however.. if you're(a normal person and) not into it you'll NEVER EVER start to think of these ways how the spam gets through the filters.
as such it might really be good in that the students after this know when they enter the working life what the spam is really about and how it gets through to your mailserver so that they don't just waste a wad of cash on the first miracle cure for it that they find with google.
Re:Uhhh... (Score:3, Interesting)
But the really interesting stuff I think is mostly left for grad students who specialize a little in the topic.
Re:Uhhh... (Score:3, Insightful)
This may be from the same line of university thought that decided it was a good idea to study LSD by taking LSD repeatedly and writing about it. Hopefullly they won't start "studying" mass murder or genocide.
Uh Oh. (Score:4, Funny)
"The University of Calgary's Computing Policy prohibits U of C users from spamming others. If you receive spam that originated at the University of Calgary, please report it to abuse@ucalgary.ca."
I wonder if someone should inform the IT department.
required classes (Score:5, Funny)
Re:required classes (Score:2)
Unless you mean I/O completion ports for sending it en-mass without another SMTP server.
I think this is an interesting idea *duck* (Score:3, Interesting)
I don't know how much of that is bullshit, and how much is true, but I think that it's important to always be looking for the new potential ways to get spam through so defenses can be prepared before the deluge.
Re:I think this is an interesting idea *duck* (Score:2)
Is it worth the risk to their careers? (Score:2, Informative)
is it worth the risk ... to the potential careers of the graduates of the course?
They're the ones who choose to take the course.
Re:Is it worth the risk to their careers? (Score:5, Insightful)
The whole point of going to University is to learn how to think, not what to think. I would hope that any University computer science major would be able to figure out how to make a basic network application (like a mass-mailer) by reading the RFCs and API documentation for their platform of choice. I can program a word processor even though I never took "Word Processor Coding 204" and "Text Editor Development 189". Maybe these courses will not only teach how to write a piece of crap-ware but also how to exert a little self-discipline and ethics when they're making all those semi-colons and curly brackets.
These courses actually look interesting and I'm considering taking some courses part-time to work towards my masters there just because they're offering a little variety.
To catch a thief... (Score:5, Interesting)
The attractive aspect here is that these students will know the tricks of the trade when it comes to spamming, and you know what they say: It takes a thief to catch a thief.
Would I pay the 300USD pricetag (Which is the going rate for a 3 hour course at my school, plus books) to take this class? No. But the same is said by many students about Archery, Chess, Basket Weaving and many other classes that are seen as electives.
What happened to real college? (Score:5, Interesting)
What has happened to education?
Re:What happened to real college? (Score:3, Interesting)
The reality that students don't want to get themselves into ungodly amounts of debt without more of a guarantee of getting a job. Because to many people, college IS about getting a job.
But I have to tell you, as someone in a more "reality" based program that strive to give real world experience, I have found it unbelievably insightful and useful. Not only that, but they manage to throw in a lot of courses that ARE about theory and higher level thought. When you combine t
Capitalism (Score:2)
The primary factor for motivation in our society is competition. Learning theory and high level thought will probably allow a graduate to make significant contributions to society for the next twenty years, but the person learning the practice will make a much bigger impact this year, which will directly effect stock markets (a.k.a. competitive markets).
Capitalism is p
Re:What happened to real college? (Score:2)
Then there are those of us who wonder about the stars and question nature. These inquisitive types find the courses that su
Re:What happened to real college? (Score:2)
Re:What happened to real college? (Score:2, Interesting)
To segue' back to the topic: I think those tech degrees do need some more original classes. Learning programming languages is good, but the trends change and in ten years, we might not be using C and PERL anymore. Even the thing
Some companies are run by idiots (Score:5, Insightful)
According to TFA,
Some companies are run by idiots.
How are people supposed to write security software if they don't know malware works? And how can one really learn how malware works without writing some?
When I worked on a firewall project years ago, I wrote some code to test it versus SYN floods. Where we supposed to just do a theoretic analysis and say "sure, it's safe against this attack"?
When I'm not hacking, among the other things I do is teach karate. That includes playing the attacker sometime for my students to defend. And sometimes they play the attacker for other students. It's the only way to learn.
(Of course in both hacking and budo there are legitimate safety issues. While there aren't enough details in TFA to say for sure, it sounds like they've addressed them.)
where can I sign up? (Score:2, Interesting)
Re:where can I sign up? (Score:3, Informative)
They can investigate the history of SMTP, its assumptions w.r.t. mutual trust, where that went wrong, and how a new protocol should be designed so that it is not so easy anymore to hide the origin of mail.
Talk about paranoia (Score:4, Informative)
He says that's why there are precautions, such as security cameras and a ban on all outside electronic equipment in the classroom.
Each student signs a legal form that says a breach of the security means an automatic "F" and a potential criminal investigation.
I guess they think that there is a high risk that a person will intentionally wreak havoc with the knowledge he learns in that class. Then again, this might just be a publicity thing for the class. I doubt that it's more dangerous than a class on computer security and virus/malware prevention in terms of the risk of damage being done.
--
Free iPod? Try a free Mac Mini [freeminimacs.com]
Or a free Nintendo DS [freegamingsystems.com]
Wired article as proof [wired.com]
Ways to increase enrollment (Score:3, Funny)
So let me get this straight. (Score:5, Insightful)
People are upset because a university is teaching courses on viruses and spam engines?
You know, if I wanted to learn how to murder someone, probably the best thing I could do is train to be a cop. Or a forensics investigator. Or maybe even a doctor. That's where I'm most likely to learn the skills necessary to help me get away with murder.
Problem is, those classes are also where I'm most likely to learn the skills necessary to prevent a murder, or to save a life, or to bring a murderer to justice.
So what should we do: prohibit universities from teaching skills that might be put to bad use? What would that leave? Philosophy and creative writing?
Sure, someone will argue: but spam engines don't have any good use! You can't save someone's life by learning how to write a spam engine! But I can guarantee you that most of the people who work to block spam engines and stop illegal spammers knows how those spam engines work. They learned it somewhere. Tell me why a university shouldn't be one of the places to acquire those skills.
And certain people who design operating systems should probably take more of those courses in how viruses work. Might keep them from having to release new security patches every eleven days.
Parent is only one who didn't knee jerk! (Score:5, Insightful)
People, there's a forest in these trees!
Listen, if I'm a programmer, and I took my normal devry programming course, I have no idea what a syn flood is, nor have they taught me anything to do with the basics of a buffer overflow.
Classes taught to exploit these types of vulnerabilites assure that every student *knows in his/her soul* how things can be exploited. They know exactly how a stack can be overwritten, exactly where to find the return address to overwrite. With this information, and this *big picture* understanding, it will make the better coders in the long run.
Compare most blackhats with most whitehats. What do you seen? You see blackhats with crazy abilities to not only forsee vulnerabilites, but also an intimate understanding of how to exploit them. Most whitehats are just people who know enough not to use insecure commands.
Personally, I'm glad Mr. Venema knows more about average vulnerabilites than current Mr. Joe State University graduate, because he knows how things are exploited (Obviously. Look at TCT, Postfix, TCP Wrappers).
If the average developer *knew* something about programming, maybe we'd actually be better off.
Re:So let me get this straight. (Score:2)
You know, if I wanted to learn how to murder someone, probably the best thing I could do is train to be a cop. Or a forensics investigator. Or maybe even a doctor. That's where I'm most likely to learn the skills necessary to help me get away with murder.
There's a difference. None of those classes hand you a gun, show you the escape routes, and tell you where to aim.
Re:So let me get this straight. (Score:2)
Perhaps not the escape routes. But I'm sure it would teach HOW to escape in bad situations.
Re:So let me get this straight. (Score:2)
Re:So let me get this straight. (Score:2)
Re:So let me get this straight. (Score:2)
Re:So let me get this straight. (Score:2)
I'll give you half a point. (Score:2, Insightful)
Yes, it's true that no one assumes anymore that cops et al. are taught the things they're taught for the purpose of killing someone. So it that sense, my logic is somewhat reversed. But it is not true that cops and forensic investigators especially (perhaps less so with doctors) do not learn how to kill people. They most definitely do. Haven't you seen those silhouette targets cops use on the shooting range? Tell me those aren't designed to teach them how to bring a man down somewhat permanently. So, half a
Do you think there would be so many (Score:3, Interesting)
Re:Do you think there would be so many (Score:2)
*Perhaps* there would be fewer, but many criminals (spammers, etc, included) are malcontents becuase they are malcontents. Even if there was 110% employment for programmers, there would still be these criminals. You don't have to go futher than
Re:Do you think there would be so many (Score:2)
i assume the course will be called... (Score:3)
Re:i assume the course will be called... (Score:3, Informative)
zerg (Score:5, Interesting)
Yeah, I didn't think so.
Every single computer scientist in training should have a fundamental understanding of computer security. And if learning means doing, then computer scientists should be taught how to write viruses, send spam and remotely 0wn b0xes. And don't let them graduate if they can't.
Re:zerg (Score:2)
Every single computer scientist in training should have a fundamental understanding of computer security. And if learning means doing, then computer scientists should be taught how to write viruses, send spam and remotely 0wn b0xes. And don't let them graduate if they can't.
Amen to that. I took a "network troubleshooting" class which was part of the final semester at a Cisco Academy. Along the way, we learned how to recover passwords from a router or switch that we otherwise had lost access too. As a con
Interesting... (Score:2)
First, I don't really mind the idea. I think it's probably a good one.
But one thing I find amusing is the idea of keeping physical securit to the site. Surely if we've learned one thing recently, it's the value of knowledge. Keeping them from taking a floppy disc hope isn't going to make a lick of difference here. Except that, I guess, it might give the university some distance if a criminal investigation against one of the students is launched.
Cowboy Logic (Score:2)
Re:Cowboy Logic (Score:2)
Re:Cowboy Logic (Score:2)
Three words... (Score:2)
-Charles
It's trivial to write email worms (Score:3, Insightful)
Writing mass-mailer SMTP client is trivial.
You don't actually need to do anything, there are excellent SMTP components in all frameworks. You just need to write code to randomize subjects, attachment names, seemingly plausible content, and scan the Winblows machine in question for address books. The couple of most common formats will do.
Then the part about getting it to run.. for my hypothetical win32.Goatse email worm that changes the background image to hello.jpg I would not even have to resort to holes in outlook or anything. Just send the executable. In a perfect world mail servers would drop win32 executables automatically, but this is not widespread policy.
Let it pop up a requester: 'This attachment is executable content. Are you sure you want to run it?' [Yes]/No
'To provide better support to the goatse community, do you want to send unsolicidated email?' [Yes]/No
'Do you want to install desktop shortcuts?' [Yes]/No
'Do you want goatseMailer to run automatically upon Windows startup?' [Yes]/No
If this was launched late sunday evening, the number of goatse'd background imaged would reach thousands easily. Windows users ARE that stupid.
Re:It's trivial to write email worms (Score:2)
Any idea why? For more than 5 years (since happy99.exe was mailed around) we have been blocking all executables on the mailserver at work, and it has rarely caused any problem. In those years it sometimes happened users mailed "funny stuff" around that was made as a self-running flash animation, but this has all been replaced by powerpoint slideshows now. Apparently everyone now has a (pirate)
Where can I sign up? (Score:2, Funny)
is it worth the risk to the rest of us? (Score:2, Insightful)
It is really sad that "socialists" think it is OK to keep knowledge hidden because they think it is the _knowledge_ that is bad.
Well, I am here to tell you that it is not the knowledge. What if I were to post right now how to make a _very_ simple explosive. Would that mean that anyone that read this post would be "bad" or "potentially bad"?
To all you socialists out there... repeat after me
IT IS NOT KNOWLEDGE THAT MAKES SOMETHING BAD! IT IS THE PER
Re:is it worth the risk to the rest of us? (Score:2, Informative)
Labelling someone a socialist and attacking them on that level doesn't work as well as it used to.
Note on Calgary (Score:3, Informative)
Given this, I'd say that Calgary always keeps ahead of other universities in innovation. And certainly we want virus and spam writers on OUR SIDE. i.e. College graduates (versus socially-inadapted anarchists and script-kiddies). Who knows if one of these guys will later make the ultimate anti-spam tool? Remember that the Reed College [wikipedia.org] graduate, Peter Norton [wikipedia.org], became so famous for his Antivirus tool.
Re:Note on Calgary (Score:2)
Basically, they're increasing group work so it's easy for people that don't know what they're doing to coast, and they're making core requirements easier to meet.
advertising the course? (Score:2)
"g3t uR d3gr33 N0W!!! f1nd 0ut h0w t0 3arn $$$$ by s3nding SPAM!!!"
*sigh* (Score:2)
The sky isn't falling, Chicken Little.
If you don't understand how something like spam begins and propagates, how are you supposed to fight it? Nothing to see here, move along.
Ethics (Score:3, Insightful)
Education is the best way to combat many things (Score:2, Informative)
Thy Enemy (Score:3, Interesting)
It's the same philosphy that all the computer hacking / security courses I took in college followed. If you're going to be a system administrator, you HAVE to know how people are going to try to break into your system, so you can prevent it.
The responsibilty of schools are to teach. It's the responsibility of the student to use the knowledge responsibly.
How much lethal knowledge do you think your average doctor (MD) has?
Try putting that on your CV (Score:3, Funny)
What skills have you got?
...Spam
Since when is knowledge bad? (Score:3, Insightful)
While there must be some benefit for everyone else by creating programs to work against these nuisances, is it worth the risk to the rest of us or even to the potential careers of the graduates of the course?
No, it's not worth the risk. Any knowledge that could be used for evil must be supressed. Knowledge is bad.
Seriously, what kind of question is that? Are you suggesting that ignorance is the best approach to combating spam? Should we stop teaching say, chemistry, so there's no chance people will learn to make dangerous chemicals? I learned to make thermite in high school, after all. "It might be risky, we'd better not teach it" is a quick road to never teaching anything.
Professor (Score:2, Interesting)
Here is the profs webpage [ucalgary.ca] and the link to his new course [ucalgary.ca].
The prof is a pretty cool guy but his jokes are AWEFUL! (If you are reading this Dr. Aycock, I'm just kidding. :P)
Spyware No Risk For Career (Score:2)
No. Some graduates will consider career in local police/FBI/CIA/NSA/HFD/RIAA interesting.
Re:My spider sense is tingling (Score:5, Insightful)
If locksmiths understand how safes they build will be attacked by safecrackers, they can reinforce critical points and develop devices to seal the safe if a breach is detected. The idea carries over well into IT and compsci - programmers and sysadmins who understand how their systems might be attacked will be able to reinforce against unauthorized access and find potential security breaches. It's one thing to simply say that "checking your input to make sure it fits in the buffer is good" or that "Bayesian filtering is good," but it's another thing entirely to understand and implement attacks and methods to exploit weaknesses in a system.
Re:My spider sense is tingling (Score:3, Insightful)
We do. It's called the army.
Re:Bomb Manufacturing 101 Prereq for Terrorism 120 (Score:2)
Re:Ethics 101? (Score:2)
to be offering the following courses over
the next school year?
WMD 101, 102 (Chemistry & Physics Depts),
Terrorism 101, 102 (Pol. Science & Theology)
Organizing Terror Cells 101 (Sociology)