ad info

 
CNN.comTranscripts
 
Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 

TOP STORIES

Bush signs order opening 'faith-based' charity office for business

Rescues continue 4 days after devastating India earthquake

DaimlerChrysler employees join rapidly swelling ranks of laid-off U.S. workers

Disney's GO.com is a goner

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

TECHNOLOGY

ENTERTAINMENT

 
TRAVEL

ARTS & STYLE



(MORE HEADLINES)
 
CNN Websites
Networks image


CNN Today

Company Dares Hackers to Break Into System

Aired January 15, 2001 - 4:22 p.m. ET

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.

JOIE CHEN, CNN ANCHOR: Invitation to computer hackers: Want to play a game? OK; well, a top cyber-magazine and a data security company are daring computer gurus to break into the code they've set up. "eWeek" magazine says hackers cannot worm their way into a system which is protected by PitBull; it's a product that experts call the Fort Knox of computer security. Contest sponsors are willing to back up that boast with a cash prize: $50,000.

The company behind this contest is Argus Systems, and the man behind the technology is Paul McNabb, who's the company's chief technology officer. He joins us by telephone from Champagne, Illinois.

Paul, can you explain to me what the distinction here is between PitBull -- I mean, there are a lot of security systems out that are supposed to protect us, right?

PAUL MCNABB, ARGUS SYSTEMS GROUP: Sure; the way that most people or most companies try to offer protection is by limiting how people can get to the machines that are potentially going to be attacked. And so they use things like firewalls and intrusion detection systems to detect people as they're on their way in.

But on these types of systems, you're dealing with a machine like an Internet banking site or a Web site for a dot-com company, that you're going to be allowing people to come on and to conduct business. And it's not good enough to try to stop them before they get there. You have to actually protect the machine after they're on it.

CHEN: So what you're saying is your system is more complicated than a standard firewall-type system, that's the bottom line of this?

MCNABB: Well, actually, it's simpler than a firewall.

CHEN: Really?

MCNABB: The firewall and the other mechanisms that are there offer a different type of protection and there's a lot of management overhead associated with those products as well.

We deal with a product that sits on the machine itself and enhances the security of the underlying server box so that it can withstand attacks even if people manage to get onto it and have all sorts of access to encryption keys and passwords and everything else. CHEN: Now -- but the point here is, if you actually get a hacker who can get into your system, then you pretty much have to start over again, right? I mean, once one hacker's done it, that's pretty much it for you, right?

MCNABB: Well, in general, that's the case.

On our system, we have designed it so that, even if a hacker is on the machine and has all the passwords and knows the encryption keys and so forth, the hacker still cannot take advantage of the machine and get it to do things that it wasn't supposed to do. It can't damage the Web site and that sort of thing.

So we're not worried, really, about hackers getting onto the machine, we're trying to stop them from doing anything bad once they're there.

CHEN: But here's the thing I really wonder about, Paul, OK: You're offering up $50,000 to someone who is able to hack into this location -- into this site. $50,000 -- I mean, if I'm that smart of a computer hacker, can't I just, like, get into a Swiss bank and move $1 million into my bank account?

MCNABB: Well, we'd think that maybe they would -- you know, people say that some of the best hackers are not going to be there; well, that's up to them.

Clearly nobody is going to announce that they're going to try to get in. If they were to announce that they were trying to get in and then couldn't make it, it would be egg on their face. So we don't expect serious hackers to come out and say one way or the other -- or at least they would come out publicly and deny that they were going to try.

But we think we're going to get millions of people trying; we think we're going to get a good cross-section of the hacker community making a serious attempt. And it will be an interesting demonstration, to see how this type of architecture can stand up -- where you have, essentially, four machines naked on the Internet and people given the opportunity to come on and see what they can do with them.

CHEN: Well, we'll see where they want you to send that $50,000 check.

Paul McNabb from Argus Systems joining us on the telephone, live from Champagne, Illinois.

TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com

 Search   


Back to the top