Dailydave mailing list archives
RE: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site"
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 21 Sep 2005 13:50:27 -0400
-----Original Message----- Subject: Re: [Dailydave] Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site"
So because of the opportunists the whole security industry is bad? Does
the same go for
financial consultancy firms ? They commonly come up with ways to defraud
systems, or
design poor systems that no one adequately researches. Then you get
opportunists
defrauding the 72 year old grannies you mention. They do this by
exploiting financial
loopholes (vulnerabilities). This is a close mirror of what goes on in
Security,
pointing out and detailing a flaw does not make you a criminal - using
that flaw can
do.
And what has been the result of that type of fraud? In the US, you have sweeping accountability reforms like the Graham-Leech-Bliley and Sarbanes-Oxley acts. Huge audit and control efforts for the entire industry because of the very bad results of some devious acts by a few very bad apples. So as network security becomes an integral part of IT practice (make no mistake, we're not an industry unto ourselves), will we or our peers be happy to see more regulation and more audit overhead because Immunity or Symantec or McAfee hired some hackers who weren't fully "retired" and they release the next big worm? Though you were trying to dispute one of his arguments, I think you wound up making Marcus' point. PaulM PS - As we watch the patch/exploit window shrink to mere hours, I can't help but wonder how long until the IT vendor lobby goes crying to Congress for relief (if they haven't already?). Legislation and regulation for security research* in the US may only be right around the corner. Coming soon to a Secunia mailing list near you: 180-days-to-full-disclosure *(meaning exploit development and disclosure in my head, but probably having a much more broad and painfully ignorant definition once written as law)
Current thread:
- RE: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site", (continued)
- RE: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Dave Korn (Sep 19)
- Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Bas Alberts (Sep 19)
- RE: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Dave "I do not speak for AT&T!" Korn (Sep 19)
- Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Marcus J. Ranum (Sep 20)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" sinan . eren (Sep 20)
- Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Jonathan Karon (Sep 20)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Drsolly (Sep 21)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Marcus J. Ranum (Sep 21)
- Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" haroon meer (Sep 21)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Barrie Dempster (Sep 21)
- RE: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site" Paul Melson (Sep 21)
- RE: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site" Drsolly (Sep 21)
- RE: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site" Barrie Dempster (Sep 21)
- Message not available
- Re: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site" Marcus J. Ranum (Sep 21)
- Message not available
- Re: Re: Exactly 500 word essay on "Why hacking iscool, so that Marcus changes his web site" Barrie Dempster (Sep 21)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Marcus J. Ranum (Sep 21)
- Life, the Universe, and Everything (was: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site") I)ruid (Sep 23)
- RE: Life, the Universe, and Everything (was: Exactly 500 word essay on"Why hacking is cool, so that Marcus changes his web site") Jos Pols (Sep 23)
- RE: Life, the Universe, and Everything (was: Exactly 500 word essay on"Why hacking is cool, so that Marcus changes his web site") Bryan McAninch (Sep 24)
- Re: Re: Exactly 500 word essay on "Why hacking is cool, so that Marcus changes his web site" Robert Nickel (Sep 26)