[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1029330120.1828.84.camel@localhost.localdomain>
From: raymond at dyn.org (Raymond Morsman)
Subject: Re: anonymous doesn't want to be rm-d by Ph
rack High Council
On Wed, 2002-08-14 at 14:06, sockz loves you wrote:
> whitehat, and as such i dont associate myself with that scum. allow me to
Whitehats don't break laws. So explain "scum".
> side to exist, the other must also exist. script kiddies rely upon whitehats,
> such as yourself, to provide them with information that can be used in a
> malicious attack against their lecturer's computer, and whitehats rely upon
No, they don't. That's against the idea of being white hat. If a
whitehat gives code, it will only be a proof of concept, not an exploit.
> this immaturity to demand higher paying contracts so that they can "better"
> protect the world from *evil* "hackers". kinda like how in that movie with
The demand came before the offer, hackers were there long before people
thought of security officers for information systems in generic use.
> face it. the only interest whitehats have in the security industry is money,
> prestige, and girlz. not security. if you had any sense at all you'd keep
> your mouth shut about any shit you turn up. you'd keep silent and use it for
No, security through obscurity is BAD.
> its sad. pretty damn fucking sad.
Yes, your overwhelming lack of knowledge you seem to need to compensate
by blabbing a lot is sad. First good remark (you were even wrong on Gina
Davis, must have been quite some time you've actually seen a woman).
> but these are just my thoughts. i mean, if you want to continue in your path
> towards the destruction of society then thats your business. but ask yourself,
> Nigel Hardy, is the information i publicise to the security industry really
> helping *security* itself? or is it really going to be used by some script
> kiddy to create another code red?
People will find flaws. If whitehats or vendors don't get to them they
won't be fixed. Users won't be warned. Then, the more dangerous kind of
"hackers" will own your systems. There's a code of conduct in place to
stop abuse of 0dayz, the vendor will get a reasonable headstart.
Then it's up to the system administrators to keep up. In most cases they
are the weak spot (like with Code Red).
So, what is actually so bad that whitehats do?
Raymond.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020814/a5ade229/attachment.bin
Powered by blists - more mailing lists