There’s an article on Newsweek about a controversial computer security curriculum at Sonoma State University. Professor George Ledin is teaching his students how to create malware such as spam bots and viruses.

In a windowless underground computer lab in California, young men are busy cooking up viruses, spam and other plagues of the computer age. Grant Joy runs a program that surreptitiously records every keystroke on his machine, including user names, passwords, and credit-card numbers. And Thomas Fynan floods a bulletin board with huge messages from fake users. Yet Joy and Fynan aren’t hackers—they’re students in a computer-security class at Sonoma State University. And their professor, George Ledin, has showed them how to penetrate even the best antivirus software.

Some of our College’s own courses such as SRA 221 try to teach students how to hack so that they can understand what they’re up against and become better security professionals. We have a fully-equipped Network Security Lab in the IST Building with a closed network. Whether the curriculum is successful at producing capable hackers is questionable, but the topic is an arguable issue nevertheless.

Should our students be led down a dark path of possibly creating mischief, by learning how to plant keystroke loggers and eavesdrop on network traffic? Or is it a necessity in our program of study in Security & Risk Analysis? Comment below with your opinion.

Tags: hacking, security, sra

Categories: News, Opinion