Full Disclosure mailing list archives
[Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts
From: "Clairmont, Jan M" <jan.m.clairmont () citigroup com>
Date: Mon, 18 Oct 2004 10:28:39 -0400
Oh yeah and we can trust you bozos not to put in backdoors, sploits and other great modes of entry yeah right. 8->, Hire the burgler to secure your home, yeah right? Doh! Sheessh what a stupid idea? The whole point of hiring people who don't know much is that they follow a policy procedure and comply with audit, I have yet to see a H&ck3r follow any procedure. So how do you control anything such as policy etc, the wild west again? You hire professional security people to maintain control, not chaos, and find methodologies procedures and products that are the most effective, test, re-test, remediate, deploy and defend. And that can be maintained and operated by ordinary computer folk, who want to do an honest days work and collect their rightful pay, but maybe you never thought of that! gimme a break LOL Jan, Paladin of Insecurity Security. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of yahoo@localhost Sent: Sunday, October 17, 2004 8:58 AM To: full-disclosure () lists netsys com Subject: Re: [Full-Disclosure] Full-disclosure Posts On Sat, 16 Oct 2004 19:13:18 -0700, Etaoin Shrdlu <shrdlu () deaddrop org> wrote:
Of course, anyone still using the term "hax0r" as though it were meaningful might want to think further about what a "security professional" might be
A security professional is someone who cares more about money than the real issue of security at where they work. They don't go the extra mile for the interests of security at where they work, as they don't want to risk the job they're in. My view is corporations should not employ uni graduates and thirty-somethings to work in a security team. They very likely still can't open a can of beans and certainly have no idea about the real issues which face them. They follow company policy and go home at the end of the day, and switch off. The people who should be working at a security team should be volunteers who have the real interests of the company in mind, instead of money. The security professional as we know it (uni graduate and 30 something) is not a hax0r, they are ph.d or whatever who are skilled on an academic level, and thats as far as it goes, which in my opinion isn't far enough. Being a security professional is ment to be about passion, strictly not money, in my humble opinion. Stop employing academics and get the hackers in to do the job properly, unpaid of course, at least to start off with, to make sure they're joining the company for the right reasons. ;-) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Clairmont, Jan M (Oct 18)
- Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Kevin (Oct 18)
- Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Micheal Espinola Jr (Oct 18)
- Re: [Full-Disclosure] RE: [Full-disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts Bart . Lansing (Oct 19)
- Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Jesse Valentin (Oct 20)
- Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Joe Random (Oct 19)
- Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-disclosure Posts Kevin (Oct 18)