| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: upoorbaby at yahoo.com (Sam Jones) Subject: Beyond black, white, and grey: the Yellow Hat I have sat here and watched, patiently for months now, swearing I would not post to this list. I have not wanted to get involved in the childish rants and games of "you're it" that seem to be constantly played here. BUT, since everyone is so good at mucking up the waters, throwing stones and slinging shit, I feel it is time for a comment or two. First off, it is a shame that some folks seem to rant and rant about what kind of hat they wear, as if that is the final defining criteria as to whether you have anything to contribute to making anything better than it previously was or currently is. I wear a cowboy hat and I hack and monitor my own systems to keep up with my own vulnerabilities and on occasion will do so for friends, cause that is just the kind of person I am . In the summer my hat is white and in the winter it is black/brown. SO WHAT! Secondly, for those of you with certifications and minimal hands on knowledge, I can speak with some authority here as I frequently train folks like you to do the jobs their certs say they are already qualified for and on which they were usually hired to do. Get over yourself! Ok, so you make more money than you are qualified to make, and know less than you claim to know, chill out, you got away with it. Enough said. Other than, it would now be nice if you would learn the skills you need to excel in your chosen field. Also, in response to the most recent claim by "phrick", so you hacked into someone's mail server, which as I understand it is not owned nor managed by said person. Woohoo to you! Unfortunately for most of us we depend on someone else at some point to be as security minded on their systems as we are on our own, life doesn't always work out the way we would like. What is distressing though is seeing someone, specifically "hellnbak" who has recently owned up to being one of the learned through using security lists, now groveling at the "phrick" feet. I have to wonder if a nasty chill went up your spine that you might also be "owned" as they like to term it and therefore now find it necessary to shuffle your feet and do an awww shucks trying to cover your own "sell out behind". Posting what seemed to be a private email just to make yourself look sincere is beyond sad. Might know more than you care to admit about that back stabbing comment you made on a personal level eh? I have yet to see a contribution to this list from Steve aka hellnbak other than a lot of comments, and his often offered $0.2. How many times have you posted a fix for anything? Today, I am part of that army of security consultants and as hard as it is to look at myself in the mirror I at least find comfort in knowing that I still learn a lot from these lists and I still try and take the time to understand the issues and not just take them and use them to try and sell work. Sure, I would rather not be yet another "security consultant" but until I find myself a more respectable job that lets me continue with my hobby it pays the bills. Isn't that the argument of all security consultants? But back to my point, the above is quite a change from how "hellnbak" felt back in August: Tell me, based on the PHC definition of a hacker -- one who breaks into boxes, are you a hacker? If so, then I have to thank you for the long term employement you have given me. You guys are not the solution, you are part of the problem. Maybe even the root cause. I have no problem finding many useful suggests from Mr. Dufresne on a variety of security lists. So he isn?t just talking the talk. I am not a security expert. With the constantly changing technology and the constant poorly written code out there, I am just another someone who tries to keep up with how to best secure myself, my systems and those who depend on me to keep them safe. I read constantly, write code when necessary and keep an eye on security lists mostly to make sure I don't miss anything that is happening in real time. I don't ride on the backs of anyone as I tend to test out anything that is posted, not being a trusting sort and if it helps me I use it otherwise I revamp it to suit me. Ok, so I created an anonymous email to post this with, not out of fear so much as not wanting to be bothered by the children (of all ages) that seem to frequent this particular list. Not saying there haven't been some very good debates here, just most of is it chest puffing and thumping that I usually find greatly entertaining but on occasion, like now find just pure sad. Shame on those of you who are making such fools of yourself and brava to those of you who don't get caught up in the "mine is better than yours" game! "Several recent studies have shown that one in every 4 Americans suffers from some form of mental disorder. Think about that, if 3 of your friends seem normal, then you must be the one." --------------------------------- Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20021119/32e45803/attachment.html
Powered by blists - more mailing lists