lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Dec  5 08:57:52 2005
From: sk at groundzero-security.com (sk)
Subject: IT security professionals in demand in 2006

CISSP is bullshit. as eeye said 99% of the security consultants do their
pen-tests with automated tools which is pathetic in my opinion.
if you cant write exploits, you are no professional, more like a steam
blower. how can someone be professional when he doesnt
even understand how an exploit works in deep? what if there are custom
scripts or exotic daemons installed? without beeing able to audit
code and understand how certain bugs are beeing exploited, how can someone
think he got enough clue to do a professional security audit?
its just a rip off of the customers as simple as that. or would you pay
someone to run an automated tool against your host, sit back and wait
till a nice pdf statistic is generated so he got something to present to
you? of course you wouldnt. in the 90s the people still had to learn on
their own and all the mainstream hackers who speak at your conventions didnt
learn their knowledge from stupid class rooms.
everyone who thinks hes a security professional or even a hacker after he
made some certs, is just living in a dream world.
then again the media plays well with the steam blowers so they can make a
nice living..
sorry i just had to say that since its going on my nerves how all these
people suddenly think their stupid certs make em special, but then if
it comes to knowledge everyone is cluless...

-sk
----- Original Message ----- 
From: "Ivan ." <ivanhec@...il.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Monday, December 05, 2005 3:01 AM
Subject: [Full-disclosure] IT security professionals in demand in 2006


> http://www.computerworld.com.au/index.php/id;923889191;fp;16;fpid;0
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ