eWeek labs just-completed Openhack III test was a great exercise in low-level security hacking, but dont forget that good security is also about issues technology cant resolve. As a case in point, here is my favorite Openhack e-mail in slightly edited form:
“Give me the protocol to upload a page to the http://xtype.openhack.com/ server, and I will split the 50K with you. … This is (bottom line) how most hacks really happen anyway.
“[I]f you want to split the cash, here is what you do. Drive to a city about 4 hours from your location, use cash for gas and dont get a [traffic] ticket. Go to a Kinkos, set up an e-mail account with Yahoo under an assumed name and send one e-mail to one person. Me. Thats it.
“OK … now, with your (what I am sure are capable abilities to begin with), wipe this e-mail from your system and server and hand-write my e-mail address on a piece of paper and get in your car and go man! GO!
“P.S. … by its very design, this contest is about hacking, which often includes covert attempts at avoiding time-consuming technical issues through bribing individuals for information. So dont feel bad if you actually succumb to that feeling in your gut. Just do it.”