[TopTalent.in] Hacker with a Heart – Interview with Google Hall Of Fame Member, Mohit Sahu from NIT Raipur
It’s not everyday that you see a young under grad getting inducted into Google hall of fame. Yes, Mohit Sahu is indeed someone special. He owns a couple of startups, an NGO, takes guest lectures on web security and gets inducted into web security hall of fame of top companies every now and then. Mohit considers himself a geek and doesn’t have a liking towards sports and other external activities; though he loves computer games. “When I am away from my computer, I visit new places and spend time with orphans” says the compassionate hacker. We at TopTalent had a fireside chat with this Google Hall of fame member. So, read on to know more about Mohit and what it takes to be an ethical hacker.
1. Could you give us a brief description about yourself?
Mohit: I am a simple guy from a small town in Raigarh, from a middle class family. I had done my schooling from various schools, including govt. school and from Hindi medium. After schooling, I joined NIT Raipur in Mining engineering. It was tough for me to choose any other field as career option as I was only aware about public sector jobs at that time. Joining NIT Raipur, was one of the best decisions of my life.
2. Congratulations on your induction to Google Hall of Fame. Could you share with us how it happened?
Mohit: Thanks a lot, frankly speaking it was luck. I was searching for bugs in Google, I got some bugs which some other researcher had already submitted as these are common for a bug hunter. So one day I got to know about a contest thinkwithgoogle.com for NGOs. By searching more I was able to find out other domains of thinkwithgoogle.com, then during this finding, I found a bug in Google shopping which was very critical. I reported all this to Google security team. I was already in Google security hall of fame in honorable mention, for bugs I have reported earlier. But for above bugs they replied and I got bounty money and also got my name listed in rewards section. I am not a bug hunter, I do it in free time. Basically I love to research over web app security and I found that bug bounty is good way to sharpen your skills and also get some penny.
3. What are your major achievements ?
Mohit: I am inducted into web security hall of fame of multiple companies like Google, Yahoo!, Microsoft, Nokia, Apple, Blackberry, got some rewards from Paypal and few more. We have recently received projects from NTPC, SBI and many other local projects too. Frankly, I don’t consider these as my major achievements, because I believe my major ones are yet to come.
4. Coming from a mining major, how did you come across hacking?
Mohit: Well, I like exploring things and I started participating in many college events. One of them was a tech fest by IIT KGP. My first one actually, and it changed my whole vision. I attended a workshop on hacking and I was so attracted towards it. Exploring technology was always fun for me. So here my journey begins, I started hacking accounts on Orkut, at that time Facebook was not much popular. I got connections to many hackers via “underground hacking community” on Orkut. I made a habit of reading mostly tech blogs and all I was doing was helping Google, who assisted in gaining more knowledge. This was taking a lot of time, so I started bunking classes, and some times even exams. May be it was worth it. I don’t suggest others to do it this way but it worked for me.
5. How difficult is it for a non CS student to master this field?
Mohit: For me, it was quite difficult to handle both my college life and virtual life (hacking career). I didn’t get much time to learn languages and there was no proper guidance by anyone as Google was the only source. As I said before, it was my passion to explore things from my school days, so being a non CS/IT student it needs a little more effort but anyone can master this field. First thing, one has to be learning programming languages and also allot lot of time for research. While choosing this as a career option one has to focus completely.
6. As a country producing the highest number of software professionals, how good are we doing in the areas of information and web security ?
Mohit: I would like to give an example here. When I was taking a seminar, I was shocked to know that even university passed out students didn’t know anything about ongoing technologies and their university syllabus was completely outdated. This is the case with not just this college but most ones. Indian brains are really sharp but are not being used in the right direction. Universities should update their syllabus regularly otherwise, it will be hard for our students to compete with their foreign counterparts. We lack awareness and encouragement. So, we need to make people aware, update ourself, promote security related fields and most importantly encourage innovation.
7. What is the significance of cyber security these days. What are opportunities for TopTalent from a career perspective in this field ?
Mohit: For any company security plays a very important role, it could be for webapp users or network users; we should be concerned about security. User count for facebook, twitter and other social networking sites is increasing day by day. All financial transactions are going over the air, so if this increasing functionality makes things easier, then security loopholes are also bound to increase. Due to open source, it is easy for a hacker to exploit any technology. We have lots of opportunities in both web and network fields . We can make our career in web application security, penetration testing , network penetration testing, wifi security audits, exploit development and many more. Being a programmer is good, but being a secure coder is much better.
8. Most Top Colleges in India offer various courses and electives on Cryptography and Information security, what else do you think should be done to improve the status quo?
Mohit: Course curriculum as I have seen in some colleges generally are theory based which is of very less use. In real life situations, students fail to code a single good program in a given time. I have observed that being a hacker, people learn to explore technology and learn a lot more than simple procedure based coding. Students should be given some unique and real life projects rather than old ones with no objective. It is easy to get code online and there ends the motivation for a me too type of project. Indian Universities should also offer some good courses like the MOOCs offered by American Universities.
9. What is the objective of your NGO and the motivation behind launching it?
Mohit: Our NGO “Chhattisgarh Infosec Society” founded by me and my brother Shubham Sahu, is a first of its own kind in our state for cyber security and awareness. As I am interested in social work, I thought working for cyber security awareness would be a good way to start. We give seminars in schools and colleges, take workshops, help people via social media. I do all the work by my own with full support from people like Mr. Prakash Bajaj. Our motto is to make India a secure cyber space by providing free security to some websites, restore hacked sites, give free training on cyber security etc.
10. Your advice to students and aspiring hackers
Mohit: For students, please don’t rely on college courses, work on current problem and try to do something innovative. Follow your passion and make that your profession. For hackers, “Be Ethical” because its we who can make our country a better and secure cyber space. Learn as much as possible from your peers and seniors, this is what makes a college unique and wonderful.
This article is powered by TopTalent.in – A high end Job portal for students and alumni of Premier Colleges in India. Sign up now for free exclusive access to top notch jobs in India and abroad. Get in touch with them via facebook, twitter or linkedin. If you like GeeksforGeeks and would like to contribute, you can also write an article and mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.