lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20051205223250.X20870@ubzr.zsa.bet>
Date: Tue Dec  6 04:43:07 2005
From: measl at mfn.org (J.A. Terranson)
Subject: IT security professionals in demand in 2006

On Mon, 5 Dec 2005, Andre Ludwig wrote:

> Alphabet soup != technical skill,

And really, that is, in a nutshell, the problem.

These certifications were supposedly going to tell us who knew what, but
just as with the coveted PhD, they are useless for their stated purpose.

Let's face it: these certs are an industry unto themselves, and nothing
more.  Just like much of "higher education" in general - the only
difference with the certs is that you can get rich without being a 200
year old multi campus Ivy League university (along with the standard
accompanying 2 billion dollar "endowment").

We need to get back to interviewing people and testing their skills in
person, and stop relying on greedy third parties to "certify" people.

What good is a certification if they "certify" an idiot?  If they'd offer
a refund of wasted wages these might mean something - at least stand
behind your "certification"!!!

It's disgusting, but SANS (*) and their ilk are just 21st century versions
of the 19th century "University" pyramid scheme.

At least *some* of the universities degrees are worth something (i.e.,
I've never met an MIT graduate who was clueless in their "chosen field",
but I've met a LOT of SANS certified people who couldn't find a SYN in a
flood.


(*) note: used as one example out of 400
candidates.  While SANS is every bit as bad as any other, they are
probably not any worse.  of course, YMMV.)


-- 
Yours,

J.A. Terranson
sysadmin@....org
0xBD4A95BF


I like the idea of belief in drug-prohibition as a religion in that it is
a strongly held belief based on grossly insufficient evidence and
bolstered by faith born of intuitions flowing from the very beliefs they
are intended to support.

don zweig, M.D.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ