[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <F116YVJ4w3kXg5iIIfP0001948f@hotmail.com>
From: democowx86 at hotmail.com (democow the happy cow)
Subject: the cow responds..
>From the desk of the honorable democow
in response to my comment on methods of backhat/whitehat hackers silvo made
note of scriptkiddes and ?trained? infosec people and how they are
different in their methods.
i wholeheartedly disagree on this point.
script kiddies scan networks for vulns, so do whitehats
script kiddies exploit the target where it is most vulnerable
script kiddies cause an financial loss so to white hats(they charge a hellof
allot for what they do when it is not needed)
scriptkiddes use premade exploits they may or may not know how they work.
whitehats(by looking at the iss ethical hacking student guide) use premade
exploits they may or may not know how they function
also.. the term script kiddies as silvo stated. ?A person who h4ckz into
systems using the tools written by other people, without knowing how they
work.? i also find this false. this statement may have been valid 5 years
ago, but with the dawn of the whitehat age. a script kiddie can easily just
go and pick up a text and learn allot quicker then most of you whitehats
would want to think. they might have been kids a while ago, but they have
grown up IMO. lets not forget that writing code to exploit 90% of vulns out
there is not that hard of a task, most of it is very basic computer
science.. in face i think that script kiddies are better armed then most
whitehats want to think they after all have allot more time to discover new
vulns to attack you with.
i would just like to add that, i think a good sysadmin is allot better at
preventing an attacker then a doofus whitehat.. and i think the allot of the
security industry can be stomped cold by a small addition to many IT
courses...but today they do focus allot more on security in most classes
so.. ;p
one more reason why the age of the whitehat will come to an end almost as
soon as it has arrived.. i am not saying that there will be no infosec
industry, i am just saying it will have to reinvent itself or suffer the
fate of coke2(but then for any capitalist society to exist it must
constantly reinvent itself.. al-la karl marx).
next silvo stated.."In any case, you know how much revenue advisories churn
out for
a company? Rather ALOT actually.. how much do vuln researchers make?
not THAT much in comparison?
i assume you mean vuln alert.. if not i will want to make my point on this
issue, it may seem redundant but to get your point across you have to make
it clear..
there are many different arguments in the black hat\whitehat battle.. but
this is one that i think everyone will agree with. and that is how the
infosec industry rapes the regular joe-six-pack computer hacker. lets think
about what happens when an advasory is sent out from a whitehat org
if you want to look at this from an extreme POV you can look at how eeye
released exploits for iis(that would be better for my old script kiddie
argument).. but for now any old vuln alert will do..
i would like to go into much more detail.. but i have spent 5mins writing
this.. and i want to go to sleep.. i do have a life after all
anyways.. to take an old saying ?every time a vuln alert is sent a script
kiddie get his\her weapon?
i am sure i will talk about this more until then. be happy, have fun, stay
safe
-love
Democow: the happy cow
?meat is murder, did you know 60million democows a year are killed just to
feed arrogant humans with a taste for high class beef?
-CALL TO ARMS TO ALL BLACKHATS... MAKE YOUR OPPOSITION TO THE INFO-SEC-IND
KNOWN POST YOUR OPINIONS WHERE EVER YOU CAN, POST WHAT YOU THINK ON THIS AND
ALL OTHER MAILING LISTS, IRC ROOMS, AND WEBSITES.. STOP FEEDING THEM..LET
THEM STARVE-
_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
http://join.msn.com/?page=features/virus
Powered by blists - more mailing lists