Over the years the NSF has financed various summer camps for high school students, designed to get them interested in mathematics or other areas of science. This summer they’ve teamed up with the NSA to deal with the problem of bad press due to the Snowden revelations by organizing a massive new program of quite different summer camps. The program is called GenCyber, and the New York Times today has an article about it here. This year the NSA/NSF is funding 43 camps (for a list, see here), with 1400 youngsters attending them, the plan is to expand to 200 camps over the next few years.
The NSA official in charge, Steven LaFountain explains how the PR aspect works:
Mr. LaFountain said the agency would not make sales pitches to campers, but hoped that the work of the agency would be enough to lure them into the field.
“We’re not trying to make these camps something to make people pro-N.S.A. or to try to make ourselves look good,” he said. “I think we’ll look good naturally just because we’re doing something that I think will benefit a lot of students and eventually the country as a whole.”
According to the New York Times, one sort of thing being taught is how to crack password files:
“We basically tried a dictionary attack,” Ben Winiger, 16, of Johnson City, Tenn., said as he typed a new command into John The Ripper, a software tool that helps test and break passwords. “Now we’re trying a brute-force attack.”
Others in the room stumbled through the exercise more slowly, getting help from faculty instructors who had prepped them with a lecture on the ethics of hacking. In other words, they were effectively told, do not try this at home.
“Now, I don’t want anybody getting in trouble now that you know how to use this puppy,” Darrell Andrews, one of the camp’s instructors, warned loudly. “Right? Right?” he added with emphasis.
Teaching thousands of kids how to crack password files? What could go wrong with that?
The program at Marymount features indoctrination visits to the NSA together with the hacking instruction, and one of the instructors seems to realize part of the problem:
And here at Marymount University, where campers are staying in dorms for their two-week program, visits to the N.S.A. and a security operations center break up classroom time.
The idea — and the challenge — of the camp, according to its head, Diana Murphy, a professor of information technology at Marymount, is to first teach students how to hack, so they can understand and defend against attackers they might encounter in cyberspace.
“It’s a fine balance for me as a teacher, because you have to teach them some of the hacking techniques, and layer that in with an ethical discussion,” Ms. Murphy said in an interview before camp began.
“They are most interested in the attacking things.”
Update: CNN has an article up today about this here.