Bodacion Technologies thinks it has built an intrusion-proof Web server, and now it's daring the world to try to spoil its release party next week.
At a Web security forum in Washington today, the Barrington, Illinois-based company planned to announce that it's so confident its new Hydra Internet Server is impervious to hacker attacks that it will pay US$100,000 to anyone who can crack it and show how they did it.
According to the company, Hydra combines the security of complex encryption mathematics with embedded systems to create an invulnerable Internet server that cannot be hacked, is resistant to system crashes and is at least five times faster than conventional servers.
Bodacion executives presented their product today at a meeting of the Information Assurance Technical Framework Forum (IATFF), an organization sponsored by the National Security Agency. The IATFF works to increase awareness of available security technologies. Today's presentation is about securing Web servers and Web sites.
What makes Hydra different from typical Web servers, said company co-founder Eric Hauk, is that it doesn't run on an operating system, since operating systems are often a weak link for hackers. Instead, Hydra servers use Java or the company's proprietary Genesis Development Toolkit to transfer content onto the server using a secure file transfer protocol socket layer. A Web-based interface is used for administration and site development.
By eliminating typical operating systems, which tend to have many security holes, Bodacion operates as an embedded operating system to minimize security risks, Hauk said. The Hydra security system is based on biomorphic mathematics, which is a derivative of Chaos Theory used to model the random growth of living things. Hydra uses a biomorphic algorithm to generate pattern-less numbers in a series. Each number in the series is called a Bodacion. Because a series of Bodacions is truly random, hackers won't be able to discern a pattern and predict the next number, even if they possess the basic mathematical formula, according to the company.
There's no shell in Hydra, Hauk said, so there's no place for hackers to enter and type in destructive commands that could be executed. By eliminating operating systems as targets, Bodacion reduces the number of potential problems and the need to continually upgrade and patch server software to close security holes.
"There's less to attack," he said. "We're narrowing the scope."
Hackers who take on the company's challenge on its Web site are provided with the first 999 Bodacions from a series of 1,000. To win the $100,000, the entrant has to correctly predict the Bodacion that would complete the series.
"We're very confident," Hauk said. "I'd love to offer more cash than what we're offering. We're not just betting $100,000. We're betting what our company is about. Undoing this can ... undo our whole business."
Pricing for Hydra servers will range from $89,950 to $149,900 per server when they're released next week.
Eric Hemmendinger, a security analyst at Aberdeen Group Inc. in Boston, said that other companies have offered similar rewards over the years to anyone who can make their claims look silly, with varied results. It takes guts to do it, he said.
"You don't approach this lightly," Hemmendinger said.