BYU Can Hack It, Jacob F. Frandsen - Y Magazine
Check out the latest podcast episode Listen
BYU Today

BYU Can Hack It

Meet BYU’s first hacking team: (left to right) Kin Lei, Kimball Germane, Austin Whipple, Professor Kent Seamons, and Scott Ruoti.

In a windowless room, four hackers erupt into cheers and a round of high fives. They’ve managed to gain root administrator access to the system they’re trying to crack. Things are about to get interesting.

Surprisingly, this scene played out in a BYU lab, and the hacking hotshots were computer science students. Kimball R. Germane (BS ’10), Scott I. Ruoti (BS ’11), Austin Y. Whipple (’14), and Kin Hou Lei (’12), BYU’s first competitive hacking team, were part of Cyber Challenge 2011, a nationwide capture-the-flag contest in which 23 student teams used cryptography, reverse engineering, and other techniques to locate 36 “flags,” or specific text strings concealed in a host system. The BYU team took first and bagged seven extra awards, including the “Got Root?” award, which the judges created specially to recognize Whipple’s root-level admin break-in.

“Challenges like this . . . have an ‘anything-goes’ policy,” says Whipple. “So you start not playing by the rules and doing things differently. . . . You’re kind of hacking the hacking competition.”

Though the team had some basic skills—Lei had once hacked into his personal website after forgetting the password—none had faced anything like Cyber Challenge, where they were pitted against hackers from Texas A&M, UC Berkeley, and other schools in a two-day contest. The team was formed just weeks earlier by Kent E. Seamons (BS ’86), director of BYU’s Internet Security Research Lab, who was intrigued by the elite “red teams” hired by government agencies and corporations to do penetration testing, or legal hacking, to pinpoint system weaknesses. Seamons figured it was time for his students to get hacking and created a class on the topic. “It immediately drew almost more students than I could handle,” he says.

Some may think hacking has no place at BYU. Ruoti disagrees: “If you don’t pay attention to what people are doing to break in, you never know what you really need to protect against.” Seamons adds, “We’re preparing students for jobs that are in high demand and highly compensated. We believe our BYU students are highly ethical people who won’t take their knowledge and use it inappropriately.”