lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0409212205390.362-100000@parka.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: Scandal: IT Security firm hires the author of
 Sasser worm



ahh, yes, but trust is a major component of this  business.  would you
hire the person that sole all your valuables from your home to guard it
for you?  would you really trust them if you were ignorant enough to do
so?

Thanks,

Ron DuFresne

On Wed, 22 Sep 2004, Brad Griffin wrote:

>
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Nick
> Jacobsen
> Sent: Tuesday, September 21, 2004 12:11 AM
> To: full-disclosure@...ts.netsys.com
> Subject: RE: [Full-Disclosure] Scandal: IT Security firm hires the
> author of Sasser worm
>
> Does it not strike anyone that there is a disturbing trend in malicious
> hackers (yes, yes, I know, they are not hackers if they are malicious,
> so call em whatever you want) getting hired to security firms, mainly
> because the "hacker" gets media attention?  It is honestly like we are
> declaring to the world that the best way to get a good paying job in the
> computer security field is to perform some major attack - and get caught
> for it - and then after serving a short sentace, start applying for
> jobs.
>
> How many? Three that I have heard of now I think. That's hardly a trend
> (and this is not a flame).
>
>   I know lots of young people, myself included, that could make
> headlines by performing some act or another of a sensational nature, and
> all that stops us is our own sense of ethics - but those ethics get
> harder and harder to hold as we earn a pittance doing your standard
> boring days work, while some other guy is out there essentially (in my
> mind) having fun doing some detrimental to society, and then getting
> hired at a substantial salary, as a reward.
> This may sound like a rant, and it probably is, but that makes my point
> no less accurate.
> Responses anyone?
>
> I'd suggest that the companies doing the hiring may consider that these
> people have skills directly relating to what they are doing. If the
> person can or has demonstrated those skills, why not hire the person?
> Saves shitloads of money interviewing potentials and/or training someone
> else.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ