Open Source and information security mailing list archives
 
From: GKornblum at guesswho.com (Gregory Kornblum)
Subject: RE: [PHC] Sermon #2: Security Industry

> As a self-confessed black hat, in your ideal world, how would you help
> me stay secure and prevent all the attacks that bludgeon my network?
> This is a legitimate question, and I would appreciate a legitimate
> answer, rather than the usual blather that has dominated this list.  And
> I'm not hiding my name either.

No, I am not a blackhat. However I am a believer in project mayhem. If
that classifies me so be it. The current state of security is sickening.
What I am is a simple software engineer that does my part to protect
what is close to me. However God gave me a voice and I see these
profiteering gluttons trying to hide the real truth behind project
mayhem. As I think the members of it do to an extent also. See not only
do eyes need to be opened in the security industry but in the IT
industry as a whole. See no network is 100% secure ever. However with
the right combination of tools you can see every little detail that is
occurring in your network and a human eye can do a lot better than some
ISS algorithm. For the most part you don't have to be an expert to
monitor those tools and kill off anything uncertain. That can be done
with a flurry of free tools and 3 8-hour shifts at no more than $15 USD
an hour. Which comes to a total of say $50000 USD on server equipment
and $131400 a year in human resources. No your network will be broken
into but when it happens they won't be there long enough to do any
damage. That is my philosophy and I know there are even how-tos out
there on that kind of monitoring. However you might hear it and not feel
the same. Others probably won't even hear it at all. But there is a
better way and I would like to see it happen and soon. Home computers
are getting hit now because of this insanity disclosure has created.
That's just plain stupid and needs to stop. Regards!

Gregory Kornblum
Software Engineer
greg@...sswho.com 
