[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E989917C9FF25240A201E888E83DF32F01E139E8@EXCHANGE5.corp.ptd.net>
From: keithp at corp.ptd.net (Keith Pachulski)
Subject: more security people =3D less security
bravo =)
-----Original Message-----
From: Uncle Scrotora Balzac [mailto:scrotora@...hmail.com]
Sent: Tuesday, February 03, 2004 3:22 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] more security people =3D less security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Many hackers (who also view themselves as security experts) are pissed
off by the landslide of new people, products, and money entering into
the security space. You hear about how things are changing (for the worse),
and posers, and blah, blah, blah. Hell, you even got hackers releasing
[nothing short of] press releases about why they're leaving the scene
because the scene is just too different nowadays.
Yes, it's true there are many more people becoming security "experts"
(using this term as loosely as possible) every day. And yes, it's also
true companies are running to the marketplace faster than Whitney Houston
to a line of coke. And yes, it's also true that corporations are driving
this trend by pouring obscene amounts of money into these companies without
understanding their halfass solutions. But, honestly, you really can't
ask for a better situation. If blackhats aren't *embracing* this trend,
they're missing the boat.
Of course, the obvious benefit: The more people pulled into this space
from various other backgrounds, the lower the average security administrator's
level of knowledge becomes. This "dumbing down" happens for several reasons,
but the most significant is the way in which these new generations of
security administrators are educated. Typically, they are forced into
these positions by employers that realize they desperately need security
staff. So, they move some random people into said positions. Not uncommonly,
network admins or sys admins that sucked in their previous positions.
Now you've got some guy sitting there trying to figure out which way
is up, so where do they turn? To vendors. Be it a vendor of hardware/software
solutions, or a vendor like SANS (selling propaganda, errr, I mean, "education"
about open source products backed by commercial entities which SANS purportedly
invests in).
Since vendors are offering solutions criminally acute in focus (especially
compared to the visibility required to solve the "problems" said vendors
are trying to address), the vendor "educates" the willing client about
the threats the client faces and how the vendor can save the client's
world. Since many admins have been leaning about hackers and threats
from the perspective of vendors who are trying to make a sale -- typically
sales people or technical sales people like system/field engineers, like
the blind leading the blind -- they have no concept of the *true* threats
they need to be concerned about. It's not uncommon to hear people talking
about Teardrop, Jolt, and Ping of Death attacks. F'in DoS attacks against
Windows 3.1, Win 95, etc! Not to mention, nothing that results in remote
access to a system. Good, keep focusing on these "attacks." (And YES.
ALL the other attacks these vendors focus on are just as lame as these
examples). Typical hackers these days need to worry about power surges
more than security tricks.
Although it grates on the nerves of everyone who knows better to see
all these pen testers running around selling Nessus reports, or hear
security admins spouting off illogically about how they use product XYZ
to accomplish all these lofty objectives... Well, it also gives you a
wide open map into the small areas they're actually looking into protecting,
and the vast open areas they have no clue how to protect, much less
watch, or even what the hell to look for if someone even did notice an
irregularity.
So bring it on! We need *more* new security people and more new products
to create more confusion, ambiguity, and false senses of superiority.
Think security consoles only being released for Windows anymore doesn't
signify anything?! Come on out, the waters fine!
- - Uncle Scrot
Powered by blists - more mailing lists