The bad guys are generally pretty smart, so it takes a good guy just as smart to thwart their efforts. Often, the former morphs into the latter for the occasion.

I see a lot of job opportunities on the horizon for a certain class of former criminal.

UPDATE: Security breaches are getting harder to detect and fix. Translation: Even more business headed Monster.com’s way.

That would be for the white-hat types, and the 2006 inductees would be…

At a cocktail party full of institutionalized lackeys, it means you are a dreg of society, a misfit. At Spamroll, it often means you just broke into a government computer system, and are now headed to jail. But, it’s more often a badge of honor, at least computer geeks in the trenches - “he’s a great hacker” is a compliment that makes even the most humble engineers smile. Bruce Schneier has more.

That day would be this last Sunday, and that former hacker turned security expert would be Kevin Mitnick and his website.

Yes, there is such a thing as “hacker camp.” No, “hacker camp” doesn’t exist to teach people how to break into computers and steal data - it is designed to teach systems administrators how to thwart attacks. And those with the know-how can pick up gigs to go with that training.

Now, the point: when stories of “hacker camp” hit the MSM, you know someone upstairs is finally realizing we have big problems on our hands.

I get the feeling that IT security won’t be a thankless role for much longer.

***UPDATE***

The Slashdot camp, whose opinion in this arena must be taken note of, has their doubts about the credibility and effectiveness of such training.

I was at a party one night, and the subject of Skype came up. Some of the guests started cringing at all the free communication talk - they worked at a telco, of course. Then one proceeded to ask me “if I was some kind of hacker.” The person had absolutely no idea what they were asking, and I could only chuckle to myself. I couldn’t hack my way out of a wet paper bag.

Nonetheless, for everyone who doesn’t understand the term “hacker,” which is generally used in the mainstream to represent someone who breaks into computers, here are some definitions, in terms even my dog could understand.

Lets also add to it, by noting that a hacker can and often is someone who doesn’t deal with computer security at all. He or she could be someone who performs “hacks” on computer software, creating and combining to produce something better from something prior.

It used to be that hackers wrote intrusive code only to get recognized amongst their peers. Some did it for the sheer joy, while others did it out of generosity - to warn some sys admin of a vulnerability. Unfortunately, our society has forced the altruistic coders into hiding, and little is left to do with system hacks than steal information.

Why do I think this happened? Well some hackers have moved on to open source projects, and others, bumped from the corporate grind, have cranked up their own companies. Yes, these people are hackers. Some of the best software engineers out there pride themselves on the label. Unfortunately, the guys and gals that the security realm could learn something from have been forced from that playing field by our increasingly litigious society. Part of this phenomena stems from fear and mislabeling (”hacker”, that is). And some of it arose from greed (some companies just can’t make it without picking on someone else). Who the hell wants to get sued for telling some big firm they have a hole the size of the I-75 (around downtown Atlanta) in their systems?

So now we are left with bad hackers, ones who write adware for others intent on forcing something on us we don’t really want, and spyware coders, intent on stealing our purchases, our money, and even our very identities.

Yes, the bad guys were always there, and now they are growing fast.

The fine folks at TechDirt clued me in to this in Malware Inc., and you can read the original story over at InternetWeek’s “some action” (and I don’t mean from video games).