Open Source and information security mailing list archives
 
From: chaos_magician at hushmail.com (chaos_magician@...hmail.com)
Subject: A PHC PRODUCTION: THE REAL SCRIPTKIDDIES

Oops... My bad. It was Ira and it was Defcon 5

Ira Winkler - Author of Corporate Espionage - Ira contends that there is so much lameness among hackers that even an eliteness of 10% would be amazing. Take his Lamer Test and see if you pass!  


There appears to be real audio of it... that's about it.  But basically he listed several points such as "How many are versed in this or that" and actually used the "Can make their own exploit from an advisory" marker as a benchmark.  Which I happen to agree with.


Read on...
>
>>2.  The only reason they are upset with security professionals in particular is that like they said "THE SECURITY INDUSTRY DEMOLISHED OUR WORLD."  Meaning we are obviously doing our job if we have pissed them off this much LOL :-).
>>
>
>Did you happen to miss the word "corrupt" in my sentence? You profit off the gullibility of others and the alleged infallibility of your products and services. So when your Nessus scan or scriptkid audit gives them the all-clear, what reassurances do they have that the people out there who are actually skilled, unlike yourself, can't break into their system? You invent all kinds of snake oil. You're not doing your job at all -- the underground is annoyed by the amount of cash you idiots make, not because you're actually making us lose root anywhere.

First off... you have no idea what it is that *I* do.  Generalizations only help to cloud the issues that you stand for.

Personally I profit off of corporate America.  I mean where else can you get someone to pay you 100k a year to have fun?  You want to see a hack?  Try hacking corporate America.  That's what I did.   Now *they* might profit off of gullible people.  But hey... isn't that what blackhats do too.. profit in fun and power off of people gullible enough to trust software for our day to day lives?  Hell you use the gullibility of all of humanity.

And I don't spend my time with pen-test projects anymore... I know how low of a standard there is in the industry.  Back in the days before the secfocus DB which did wonders for the leech community, I did pen-testing.  And after that I did for a while as well, until I got bored and tired of the lack of creativity involved en masse.

These days I spend my time designing and developing defense systems that are non-signature specific.  It's much more fun and makes for good karma :-)

But let me restate... I think we need people like you to keep people like me in business :-)  Keep on keepin on. And thanks for the effort.

Don't you just love Apathy?  


"There is no good or evil, only to he who thinks it so"
-Chaos_Magician



