| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <OFED74EFB0.54FB56C4-ON80256F15.00528D29-80256F15.0054E6F9@Inveresk.com>
From: Michael.Simpson at inveresk.com (Michael Simpson)
Subject: Scandal: IT Security firm hires the author of Sasser
worm
it revolves around the issue of who know's what
the arsonist who burns down the city after torching his house doesn't get
a job with the fire department as anyone can start a fire
young man with ability to code a novel worm (as opposed to script kiddies
pullin trigger on sploit) is deemed to be highly enough prized or has
skillz and/or knowledge worth bringing into the tent (always safer to have
him inside tent pissing out rather than outside pissing in - unless they
are really bad news in which case u prolly want them in the arms of bubba
with all their fingers broken)
add into that the huge degree of BS apparent throughout the IMT world and
it's no wonder that sven got employment
"micro$oft headhunted me for $250,000"
the world's press have been writing his Curriculum Vitae for him since
so he's young and gifted
http://slashdot.org/article.pl?sid=04/09/09/2236216&tid=156&tid=220&tid=1
with a high work rate and demonstrable commitment to a project
http://slashdot.org/article.pl?sid=04/08/02/064259&tid=172&tid=95&tid=201
i may not trust him with regards to his ethics/morals but that may not
disbar me from giving him a job if i thought he was suitable and indeed
for some employers not too straight a moral outlook might be preferred
(was it necessary for Clinton to have high moral standards to be a good
prez of the usa?)
having said that i would keep an eye on him, log everything, rfid his
food, 24/7 video feed of his keyboard leds being watched by operators
trained in morse code, etc
thorny subject
mikie
"Nick Jacobsen" <nick@...icsdesign.com>
Sent by: full-disclosure-admin@...ts.netsys.com
20/09/2004 15:10
To
<full-disclosure@...ts.netsys.com>
cc
Subject
RE: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser
worm
Does it not strike anyone that there is a disturbing trend in malicious
hackers (yes, yes, I know, they are not hackers if they are malicious, so
call em whatever you want) getting hired to security firms, mainly because
the "hacker" gets media attention? It is honestly like we are declaring
to the world that the best way to get a good paying job in the computer
security field is to perform some major attack - and get caught for it -
and then after serving a short sentace, start applying for jobs. I know
lots of young people, myself included, that could make headlines by
performing some act or another of a sensational nature, and all that stops
us is our own sense of ethics - but those ethics get harder and harder to
hold as we earn a pittance doing your standard boring days work, while
some other guy is out there essentially (in my mind) having fun doing some
detrimental to society, and then getting hired at a substantial salary, as
a reward.
This may sound like a rant, and it probably is, but that makes my point no
less accurate.
Responses anyone?
Nick Jacobsen
nick@...icsdesign.com
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com on behalf of
bb
Sent: Mon 9/20/2004 3:32 AM
To: Feher Tamas; full-disclosure@...ts.netsys.com
Cc:
Subject: Re: [Full-Disclosure] Scandal: IT Security firm
hires the author of Sasser worm
If he has fulfilled all the obligation of his sentence,
whats wrong with him
being allowed to seek gainful employment that plays to
his skills?
Second chance anyone? Being allowed to learn from his
mistakes?
----- Original Message -----
From: "Feher Tamas" <etomcat@...email.hu>
To: <full-disclosure@...ts.netsys.com>
Sent: Monday, September 20, 2004 10:21 AM
Subject: [Full-Disclosure] Scandal: IT Security firm
hires the author of
Sasser worm
> Hello,
>
> The german IT security company "Securepoint" has hired
Sven
> Jaschan, who wrote and spread the Sasser Internet worm,
> which caused widespread and costly damages to legions
of
> Windows computers.
>
> He will work as a developer for security softwares such
as
> firewalls.
>
> This is a scandal! Whether or not you like the 250k USD
> head-hunting bounty which Microsoft Corp. paid to have
Mr.
> Jaschan nailed, he is still a criminal. Hiring him is
a
> taboo. It is totally unacceptable to picture him as a
modern
> age Robin Hood or freedom fighter. He is a criminal,
similar
> to an arsonist, who sets a house alight and the fire
spreads
> to an entire city.
>
> I urge all to boycott the Securepoint and I urge those
who
> suffered losses due to the Sasser worm to sue
Securepoint
> and seek damages. VXing must end and we must send a
strong
> message to teenagers that cracking is not hacking and
will
> not be tolerated.
>
> Securepoint website:
> http://www.securepoint.cc/
>
> Info about Sven Jaschan's hiring:
> http://www.f-secure.com/weblog#00000296
>
> Sincerely: Tamas Feher from Hungary.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists