Full Disclosure mailing list archives
Are PHC going to ultimately secure more work for
From: nfernandes () real-secure com (Nuno Fernandes)
Date: Wed, 18 Sep 2002 12:56:27 -0400
PHC is a terrorist network, it's just done over the Internet. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of sockz loves you Sent: Wednesday, September 18, 2002 9:44 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Are PHC going to ultimately secure more work for ----- Original Message ----- From: "James Martin" <fulldisclose () uuuppz com> Date: Mon, 16 Sep 2002 12:54:22 +0100 To: <full-disclosure () lists netsys com> Subject: [Full-disclosure] Are PHC going to ultimately secure more work for "Security Consultants"? Hi James.
I've been pondering the real effect PHC are going to have (if at least partially successful) on the "Security Industry". My conclusion is
that
ultimately they will help, not hinder the industry. I'd be interested
to
hear your comments on my argument.
likewise. i think i've made a few good counter-arguments in my reply, but i would certainly be interested as to what you (and others) think.
What does the industry rely on to maintain a market? Fear. Fear of
breaches
of privacy. Fear of vandalism. Fear of embarrassment. Fear of loss of productivity.
hmm... i see. fundamental but true.
For a company to invest in maintaining security, they must be able to justify their fears. As many of you know it can be very difficult to convince those in suits that there's a real risk of being hacked. A
tangible
representation of the risk is often needed, rather than just
protecting
against an unknown enemy.
i dont know many *suits* who are aware of the PHC. sure a few would exist out there somewhere, but business people tend to want to focus on things in the business scene, not the computer security scene. thats why they hire security "professionals". because they dont have the time to waste on the job themselves. hence if the business person hasn't got the time to keep up with first-hand information about the hacking community, then they become heavily reliant upon the security people they contract. which ultimately brings us back to the point that its the security industry that generates this paranoia.
If PHC et al succeed in building a name for themselves in the media,
they
will become to Al Quida of the security industry. Still very sketchy
in
detail, but a label for the risk. This in my opinion should prove a
powerful
weapon in the arsenal of those pushing for larger (or even some)
budgeted
capital for security related services.
why do you attempt to demonise PHC by likening them to a well-known terrorist network? it doesn't help your point at all. if this DOES happen it will be the fault of the whitehat security industry panicing. just because al qaeda is probably the most known terrorist organisation on earth, doesn't mean they are the most formidable. there are many other groups out there who aren't even mentioned, yet could probably out-terrorise :) al qaeda. catch my drift? al qaeda is like the script kiddy organisation of the terrorist underworld.
Ultimately a threat is going to strengthen the industry not weaken it.
Keep
up the good work PHC, your securing the internet ;P.
not really, seeing as the security industry can only protect its clients against those bugs that are known. i dont see it as being that hard for PHC to come up with something original whenever they want to make a point. hence a threat is just a threat, it doesn't strengthen anything. the only strength gained is when unique attacks occur, prompting whitehats to investigate a new technique, at which point it becomes redundant and probably wont be used by the group again. comprehend? this brings us back to the original argument that the only strength the security industry has is in the ability to palm off obsolete attacks as threats in themselves. a scenario in which the only ppl moving to execute these attacks are leeches. PHC has no need to leech. anyway, i'd be interested in hearing your thoughts on this. <3 sockz -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Are PHC going to ultimately secure more work for sockz loves you (Sep 18)
- Are PHC going to ultimately secure more work for Nuno Fernandes (Sep 18)
- <Possible follow-ups>
- Are PHC going to ultimately secure more work for sockz loves you (Sep 18)