lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAJVRA1TjAm9VXW8460wwz=7sLt7MDeSu2rkvOMpLme_QymV3nw@mail.gmail.com>
Date: Thu, 8 May 2014 14:00:35 -0700
From: coderman <coderman@...il.com>
To: Full Disclosure <fulldisclosure@...lists.org>
Subject: [FD] pervasive vulnerabilities in offensive mindset - haughty hubris

hacking is addictive!
 ... and leads to poor judgement at all scales.

the first step is admitting you have problem.

"hi, my name is [REDACTED] and i want to HACK EVERYTHING!"


----

https://docs.google.com/presentation/d/1Sv8IHkBtBEXjSW7WktEYg4EbAUHtVyXIZBrAGD3WR5Y/preview?sle=true#slide=id.p

summarized as:
"""
Many computer hackers in the relatively short history of hacking have
exhibited behavior more reminiscent of drug addicts than regular
criminals. The controlled, logical, and no-bigger-than-necessary
compromise of systems appears to be the exception to the rule - more
commonly, we seem to see an escalating spiral of computer compromise
for the sake of computer compromise.

Recent revelations seem to imply that the same dynamic not only
applies to individuals, but to large organisations as well - the lure
of 'hack more so you can hack more' appears to apply here, as well.

This talk discusses why the structure of the modern internet (strongly
connected trust graph with small number of super-connected nodes)
makes hacking so fundamentally addictive for both individuals and
organisations, and why this poses concrete risks for oversight
mechanisms and legal frameworks.
"""


---


to underscore the point with recent evidence:

http://www.theregister.co.uk/2014/05/07/us_navy_sysadmin_accused_of_hacking_220k_sailors_details/

"... Knight called himself a 'nuclear black hat' ..."


---


hacker: know thyself, before ye blow thyself (up)

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ