With stiff penalties for being caught and the whiff of secretive underground or even nefarious acts, computer hacking can be seen as a somewhat dubious pursuit. Not all hackers operate with the motive of emptying your Paypal account, however; there are many hackers who utilize their skills to aid companies in locating security flaws ("penetration testing") or engage in hacking with the goal of becoming cyber-freedom-fighters that champion simple human freedoms, such as the right to free speech.

Computer hacking is as much an art as it is a skill. At its simplest distillation, hacking is the systematic search for chinks in programming armor. While advanced problem-solving, intuition and sophisticated understanding of programming languages are a distinct advantage, there does exist a number of push-button programs that computing wizards have written allowing those less sophisticated in the art of hacking to break into remote computers in a variety of ways. Because of this new ubiquity, today's hackers no longer need to be a programming Wunderkind; they simply need to know where to download software and be able to turn on a computer. It really is that simple and the implications can be disturbing.

Phishing, Push-Button Programs and Brute Force Tactics

There's no need to crack a company's firewall if you have direct physical access to their computers. One aspect of hacking is the impersonation of an employee or service worker with the goal of gaining access to a company's database, where the hacker can then unleash whatever havoc he or she has planned into the system. Another is to engage in simple phishing techniques, such as impersonating an employee who forgot their password and needs help logging into the system.

Because such impersonations often fail thanks to companies becoming more security-conscious, taking over operations of a computer remotely is often the preferred method of gaining access. Such attempts can be facilitated in a variety of ways. One is the brute-force method, in which a program such as SQLmap, Nmap or Burpsuite is used; running one of these programs is analogous to trying every doorknob in a neighborhood to see which house is unlocked. Using a variety of different parameters, these programs can find access to a vulnerable computer or network in less than a minute.

Hackers can also attempt to gain access with a program like Metasploit. With literally a few clicks of a mouse, access to a remote and vulnerable computer can be achieved by a relative newbie. With a related hacking aid, called Meterpreter, a backdoor is created that allows access into an operating system. It does not install itself onto the remote computer, running instead using the computer's memory; in fact, Meterpreter can hide itself inside the operations of a perfectly valid program, so it cannot be detected even by sophisticated programmers. Once engaged, it allows a remote user carte blanche access to the system in question.

Where to Learn the Art of Hacking

Of course, for those who wish to learn the actual skills rather than download someone else's hack, there are a number of practice sites that pose an increasingly difficult set of challenges intended to train neophytes in the art of hacking. For example, Hack This Site starts beginners with the goal of cracking simple flaws in coding scripts or software such as HTML, Unix, Javascript and Apache. Their structured series of tests increase in complexity, incorporating real-word scenarios and even old-fashioned "phone phreaking" challenges that recall the bygone golden age of hacking skills displayed by Matthew Broderick in "WarGames."

Using just these simple tools and free practice sites, beginners have a powerful array of hacking resources just a simple mouse click away.

I suspect that many of you are familiar with the term "hard coding a value" whereby the age of an individual or their location is written into the condition (or action) of a business rule (in this case) as shown below:

if customer.age > 21 and customer.city == 'denver'

then ...

Such coding practices are perfectly expectable provided that the conditional values, age and city, never change. They become entirely unacceptable if a need for different values could be anticipated. A classic example of where this practice occurred that caused considerable heartache in the IT industry was the Y2K issue where dates were updated using only the last 2 digits of a four digit number because the first 2 digits were hard-coded to 19 i.e. 1998, 1999. All was well provided that the date did not advance to a time beyond the 1900’s since no one could be certain of what would happen when the millennia arrived (2000). A considerably amount of work (albeit boring) and money, approximately $200 billion, went into revising systems by way of software rewrites and computer chip replacements in order to thwart any detrimental outcomes. It is obvious how a simple change or an assumption can have sweeping consequences.

You may wonder what Y2K has to do with Business Rule Management Systems (BRMS). Well, what if we considered rules themselves to be hard-coded. If we were to write 100s of rules in Java, .NET or whatever language that only worked for a given scenario or assumption, would that not constitute hard-coded logic? By hard-coded, we obviously mean compiled. For example, if a credit card company has a variety of bonus campaigns, each with their own unique list of rules that may change within a week’s time, what would be the most effective way of writing software to deal with these responsibilities?

Another blanket article about the pros and cons of Direct to Consumer (D2C) isn’t needed, I know. By now, we all know the rules for how this model enters a market: its disruption fights any given sector’s established sales model, a fuzzy compromise is temporarily met, and the lean innovator always wins out in the end.

That’s exactly how it played out in the music industry when Apple and record companies created a digital storefront in iTunes to usher music sales into the online era. What now appears to have been a stopgap compromise, iTunes was the standard model for 5-6 years until consumers realized there was no point in purchasing and owning digital media when internet speeds increased and they could listen to it for free through a music streaming service.  In 2013, streaming models are the new music consumption standard. Netflix is nearly parallel in the film and TV world, though they’ve done a better job keeping it all under one roof. Apple mastered retail sales so well that the majority of Apple products, when bought in-person, are bought at an Apple store. That’s even more impressive when you consider how few Apple stores there are in the U.S. (253) compared to big box electronics stores that sell Apple products like Best Buy (1,100) Yet while some industries have implemented a D2C approach to great success, others haven’t even dipped a toe in the D2C pool, most notably the auto industry.

What got me thinking about this topic is the recent flurry of attention Tesla Motors has received for its D2C model. It all came to a head at the beginning of July when a petition on whitehouse.gov to allow Tesla to sell directly to consumers in all 50 states reached the 100,000 signatures required for administration comment. As you might imagine, many powerful car dealership owners armed with lobbyists have made a big stink about Elon Musk, Tesla’s CEO and Product Architect, choosing to sidestep the traditional supply chain and instead opting to sell directly to their customers through their website. These dealership owners say that they’re against the idea because they want to protect consumers, but the real motive is that they want to defend their right to exist (and who wouldn’t?). They essentially have a monopoly at their position in the sales process, and they want to keep it that way. More frightening for the dealerships is the possibility that once Tesla starts selling directly to consumers, so will the big three automakers, and they fear that would be the end of the road for their business. Interestingly enough, the big three flirted with the idea of D2C in the early 90’s before they were met with fierce backlash from dealerships. I’m sure the dealership community has no interest in mounting a fight like that again. 

To say that the laws preventing Tesla from selling online are peripherally relevant would be a compliment. By and large, the laws the dealerships point to fall under the umbrella of “Franchise Laws” that were put in place at the dawn of car sales to protect franchisees against manufacturers opening their own stores and undercutting the franchise that had invested so much to sell the manufacturer’s cars.  There’s certainly a need for those laws to exist, because no owner of a dealership selling Jeeps wants Chrysler to open their own dealership next door and sell them for substantially less. However, because Tesla is independently owned and isn’t currently selling their cars through any third party dealership, this law doesn’t really apply to them. Until their cars are sold through independent dealerships, they’re incapable of undercutting anyone by implementing D2C structure.

Python and Ruby, each with roots going back into the 1990s, are two of the most popular interpreted programming languages today. Ruby is most widely known as the language in which the ubiquitous Ruby on Rails web application framework is written, but it also has legions of fans that use it for things that have nothing to do with the web. Python is a big hit in the numerical and scientific computing communities at the present time, rapidly displacing such longtime stalwarts as R when it comes to these applications. It too, however, is also put to a myriad of other uses, and the two languages probably vie for the title when it comes to how flexible their users find them.

A Matter of Personality...

That isn't to say that there aren't some major, immediately noticeable, differences between the two programming tongues. Ruby is famous for its flexibility and eagerness to please; it is seen by many as a cleaned-up continuation of Perl's "Do What I Mean" philosophy, whereby the interpreter does its best to figure out the meaning of evening non-canonical syntactic constructs. In fact, the language's creator, Yukihiro Matsumoto, chose his brainchild's name in homage to that earlier language's gemstone-inspired moniker.

Python, on the other hand, takes a very different tact. In a famous Python Enhancement Proposal called "The Zen of Python," longtime Pythonista Tim Peters declared it to be preferable that there should only be a single obvious way to do anything. Python enthusiasts and programmers, then, generally prize unanimity of style over syntactic flexibility compared to those who choose Ruby, and this shows in the code they create. Even Python's whitespace-sensitive parsing has a feel of lending clarity through syntactical enforcement that is very much at odds with the much fuzzier style of typical Ruby code.

For example, Python's much-admired list comprehension feature serves as the most obvious way to build up certain kinds of lists according to initial conditions:

a = [x**3 for x in range(10,20)]
b = [y for y in a if y % 2 == 0]

first builds up a list of the cubes of all of the numbers between 10 and 19 (yes, 19), assigning the result to 'a'. A second list of those elements in 'a' which are even is then stored in 'b'. One natural way to do this in Ruby is probably:

a = (10..19).map {|x| x ** 3}
b = a.select {|y| y.even?}

but there are a number of obvious alternatives, such as:

a = (10..19).collect do |x|
x ** 3
end

b = a.find_all do |y|
y % 2 == 0
end

It tends to be a little easier to come up with equally viable, but syntactically distinct, solutions in Ruby compared to Python, even for relatively simple tasks like the above. That is not to say that Ruby is a messy language, either; it is merely that it is somewhat freer and more forgiving than Python is, and many consider Python's relative purity in this regard a real advantage when it comes to writing clear, easily understandable code.

And Somewhat One of Performance