lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Nov 23 21:16:22 2005
From: infosecbofh at gmail.com (InfoSecBOFH)
Subject: Hacking Boot camps!

On 11/23/05, Koen Van Impe <koen.vanimpe@...net.be> wrote:

> On what information is your point of view based? Could you provide some
> facts (what vendors are given marketing opportunities)?
> Did you attend any SANS course lately?

Yes, I actually hold many SANS certifications that I have used to wipe
my ass with.

Look up the definition of SANS at dictionary.com

Sans; to be without; lacking

- Their training is out of date

- Most of their instructors are unqualified to answer any questions
that are not in their training books.

- Most of their instructors will feed you with a marketing pitch for
their own consulting or product companies.

- The so called "SANS What Works" program where they endorse vendors
who have products that actually work and help with infosec issues is a
sham.  They will list any vendor that pays their 25K "fee" to be
listed.

- Here is how the pyramid works.  You have Northcutt and Paller on the
top of things as the creators of this so called non-profit (yet they
have multi million dollar homes in Hawaii).  They *USE* volunteers to
come up with training material and to run their "mentoring program".
Then, they take the volunteer work, hand it to their close friends who
also happen to be their full time instructors let them take credit for
it and have them deliver the course and of course pay them very well
for it.  Nothing like making money for your 'non profit" on the backs
of volunteers who you still charge to attend the training BTW.

FULL DISCLOSURE -- I hold SANS certifications but only because my
employer paid for them at the time because they wanted to market their
products via SANS and SANS required them to have someone certified.  I
paid zero attention in class and yet still scored some of the highest
marks on their tests that they have had.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ