lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CFENJHLDLDGNGJAKMDADCEKPCLAA.fbnewtz@houston.rr.com>
From: fbnewtz at houston.rr.com (Fred Newtz)
Subject: Scandal: IT Security firm hires the author	of Sasser worm

On Tue, 2004-09-21 at 05:08 -0700, Harlan Carvey wrote:

>The other is a virus writer who used a flaw developed by someone else,
>and propagated by a meathod that has been used countless times before,
>and really introduced nothing new.

So lets say someone did not turn him in and he never got busted.  What
happens when he goes out and finds a job in the security industry?  Does
that mean he will work with malicious intent and make all the back doors in
products that he wants to or would he do his job just like everyone else in
the world?   He obviously has skills of some sort that are valuable.  Maybe
he is just doing penetration testing on their products, you never know.

All nitty picky things aside, what about all of the other virus writers out
there that never got busted?  The hackers and crackers and phreaks and
everyone else that did something wrong or maybe even destroyed some
important data.  Does that mean that we already have people like that
working at security companies or not?  Does that make the products of
companies who hire virus writers or crackers less secure?  Does that mean
that the PHACV people do not take their jobs seriously?  Does that mean that
they can do a better or worse job than someone who does not have the desire
to beat the system so to speak?  I mean there are tons of people out there
that are into this scene and they obviously will get a job or already have a
job somewhere.

This has been going on for quite some time.  Just look at the LOD/h boys and
the security consulting firm they started at least 10 years ago and what
happened to them because people like SWBT totally dogged them and warned
everyone that they could not be legitimate even though they were all
convicted and just needed an honest job to go straight just like everyone
else.  I know some of those guys and they were good people.  They were some
of the best minds out there and they could have done just as good of a job
as everyone else.  They had already conquered the world in their own way,
why not let that knowledge work in a good way for people that needed
protection from other kids trying to do the same thing.  Or worse yet, hired
hackers trying to steal secrets.

Saying that no teenager can be reformed is like saying you can't change your
mind about what to eat for dinner.  I have over 13 convictions and have been
in prison as well as spent more than my fair share of time in county jails.
However, that has been 10 years now and I am integrated into society making
my way in life.  All of this happened before I turned 21 years old.

So if I can change then anyone can change.  If you have a 250000 fine or
whatever coming against you wouldn't you want to work it off so that some
day in the future you might be able to own a car, or even a bicycle?  What
about a house or to even get married?  Who would marry someone with a debt
like he will have very soon?

Good people do bad things sometime, it is a fact of life.  Deal with it.

Fred




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ