lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <871080DEC5874D41B4E3AFC5C400611ECFCE50@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: Security industry

>-----Original Message-----
>From: daniel.clemens
[mailto:daniel_clemens@...ism.birmingham-infragard.org] 
>Sent: Sunday, November 17, 2002 4:28 AM
>To: euan briggs
>Cc: full-disclosure@...ts.netsys.com
>Subject: Re: [Full-Disclosure] Security industry
>
>You can say that blackhats are all evil and bad, but in reality what
you are saying is >'thought is a crime' and they are the bad guys for
thinking outside of the box and not
>oppressing their own creativity.

Are you really serious?  You can't be serious!  If all blackhats did was
*think* about exploits, no one would ever know, number 1, and no one
would ever care, number 2.  The problem with blackhats isn't their
*thoughts*, it's their *actions*!

Your argument is the same one that the virus writers use, and it's just
as wrong when you use it as when virus writers use it.

>Lets praise them for being so creative in finding and exploiting bugs.
Their perspective is 
>valuable and fun to watch evolve.

You have an odd definition of "fun".  You must not admin any systems
(and are therefore unqualified to speak about the impact of exploits.)
One might praise them for their "creativity" in finding bugs, but it's
another thing entirely to praise them for *exploiting* bugs.

>I don't think any truly thinking individual can say that being creative
in any environment is >bad.

Of course not, but *thinking* individuals don't criticize blackhats for
being creative.  They criticize them for being *exploitive*!  That you
can't tell the difference isn't surprising.  Many people these days
don't have critical thinking skills.

>Nothing is black and white, you putting that label on it doesn't even
make it black and white. >You putting  and accepting the labels makes it
easier for you to cope with in your perspective >of the world and the
socially acceptable norms you think are right and wrong.

Ahhh, good old situational ethics - the bane of modern civilization.
It's funny how an opinion can change when it's your ox that gets gored.
I suggest you try getting a real job, maintaining systems that have to
be constantly patched due to poor programming practices and then see if
you get all warm and fuzzy when one of the exploits takes down a
critical system and you have to work overtime to fix the problem.  Until
you do that, you aren't qualified to speak about the impact of black
hats.

Paul Schmehl (pauls@...allas.edu)
TCS Department Coordinator
University of Texas at Dallas
http://www.utdallas.edu/~pauls/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ