| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: xploitable at gmail.com (yahoo@...alhost) Subject: Full-Disclosure Posts On Sat, 16 Oct 2004 19:13:18 -0700, Etaoin Shrdlu <shrdlu@...ddrop.org> wrote: > Of course, anyone still using the term "hax0r" as though it were > meaningful might want to think further about what a "security > professional" might be A security professional is someone who cares more about money than the real issue of security at where they work. They don't go the extra mile for the interests of security at where they work, as they don't want to risk the job they're in. My view is corporations should not employ uni graduates and thirty-somethings to work in a security team. They very likely still can't open a can of beans and certainly have no idea about the real issues which face them. They follow company policy and go home at the end of the day, and switch off. The people who should be working at a security team should be volunteers who have the real interests of the company in mind, instead of money. The security professional as we know it (uni graduate and 30 something) is not a hax0r, they are ph.d or whatever who are skilled on an academic level, and thats as far as it goes, which in my opinion isn't far enough. Being a security professional is ment to be about passion, strictly not money, in my humble opinion. Stop employing academics and get the hackers in to do the job properly, unpaid of course, at least to start off with, to make sure they're joining the company for the right reasons. ;-)
Powered by blists - more mailing lists