Re: [Full-Disclosure] Full-Disclosure Posts

yahoo_at_localhost
Date: 10/17/04

  • Next message: Calum Power: "Re: [Full-Disclosure] MS Security Bulletins" 
    To: full-disclosure@lists.netsys.com
Date: Sun, 17 Oct 2004 13:57:51 +0100

    On Sat, 16 Oct 2004 19:13:18 -0700, Etaoin Shrdlu <shrdlu@deaddrop.org> wrote:
    > Of course, anyone still using the term "hax0r" as though it were
    > meaningful might want to think further about what a "security
    > professional" might be

    A security professional is someone who cares more about money than the
    real issue of security at where they work. They don't go the extra
    mile for the interests of security at where they work, as they don't
    want to risk the job they're in.

    My view is corporations should not employ uni graduates and
    thirty-somethings to work in a security team. They very likely still
    can't open a can of beans and certainly have no idea about the real
    issues which face them. They follow company policy and go home at the
    end of the day, and switch off.

    The people who should be working at a security team should be
    volunteers who have the real interests of the company in mind, instead
    of money.

    The security professional as we know it (uni graduate and 30
    something) is not a hax0r, they are ph.d or whatever who are skilled
    on an academic level, and thats as far as it goes, which in my opinion
    isn't far enough.

    Being a security professional is ment to be about passion, strictly
    not money, in my humble opinion.

    Stop employing academics and get the hackers in to do the job
    properly, unpaid of course, at least to start off with, to make sure
    they're joining the company for the right reasons. ;-)

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Calum Power: "Re: [Full-Disclosure] MS Security Bulletins"

    Relevant Pages