Full Disclosure mailing list archives
Are PHC going to ultimately secure more work for
From: sockz () email com (sockz loves you)
Date: Wed, 18 Sep 2002 21:17:46 -0500
----- Original Message ----- From: "James Martin" <me () uuuppz com> Date: Wed, 18 Sep 2002 17:13:10 +0100 To: "sockz loves you" <sockz () email com> Subject: Re: [Full-disclosure] Are PHC going to ultimately secure more work for
i dont know many *suits* who are aware of the PHC. sure a few would exist outTrue I suppose, but if PHC or any other "blackhat" group gain notoriaty they will be used as an if not the example of the "lurking threat".
well thats not PHC securing more work for the security industry... thats the security industry doing their thing isn't it...
the fault of the whitehat security industry panicing. just because al qaeda is probably the most known terrorist organisation on earth, doesn't mean they are the most formidable. there are many other groups out there who aren't even mentioned, yet could probably out-terrorise :) al qaeda. catch my drift? al qaeda is like the script kiddy organisation of the terrorist underworld.Exactly! They might not be the best organisation, but they are the name which is banded around whenever terrorism is needed to justify some action. In the same sense PHC if well known would serve the same purpose to the security industry.
ouch. i doubt it. but if that does happen, it will probably be more the case that PHC becomes a front for other groups out there. i think the main difference between al qaeda and PHC is that PHC actually knows what they're on about. al qaeda didn't even come up with the WTC idea. they stole it from real terrorists. catch my drift? there have been so many lies conjured up about the real source of the WTC & Pentagon attacks that it just isn't funny. the US govt's reaction to the attacks was something akin to the security industry's reaction. you use this event as a justification for a parallel action. you prey upon society's restricted access to information and feed them an almost completely different version of whats really the truth. is that necessarily right? nope.
Ultimately a threat is going to strengthen the industry not weaken it. Keep up the good work PHC, your securing the internet ;P.not really, seeing as the security industry can only protect its clients against those bugs that are known. i dont see it as being that hard for PHC to come up with something original whenever they want to make a point. henceYes but every time they do, they will add to the justification for the paranoia on which the industry thrives.
dude, we both know that the security industry doesn't need real justification. it can use lies just as effectively and get away with them. this has worked in the past, and will continue to work well for as long as the security industry stands... insulting the very intelligence of humankind. thats why it all needs to stop.
a threat is just a threat, it doesn't strengthen anything. the only strength gained is when unique attacks occur, prompting whitehats to investigate a new technique, at which point it becomes redundant and probably wont be used by the group again. comprehend? this brings us back to the original argumentThis relates to new information/research. Getting companies to even consider security can still be very difficult. The bigger the threat, the more people who will patch, and the more demand there will be for security consultancy.
PHC is against the whitehat community before its against businesses (in fact, i dont think it means to bother them at all, unless they're connected to the security industry). why would businesses need to protect themselves against a threat that isn't even relevant to them? its like selling tornado or earthquake insurance in australia.
that the only strength the security industry has is in the ability to palm off obsolete attacks as threats in themselves. a scenario in which the only ppl moving to execute these attacks are leeches. PHC has no need to leech.Well if PHC is actively using zero day attacks and this gains notoriaty, there will be more demand for the services of those who can "combat" this risk.
yes but you cant combat something if you dont know what it is. the money put into combatting 0-day exploits carries about the same efficiency as hiring someone to sort through a barn full of hay, looking for that one needle... *if* that needle is even in that barn... it could easily be in the barn next door, or the one next to that. and for all the time and money you waste doing this... you get next to *nothing* :\ -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup
Current thread:
- Are PHC going to ultimately secure more work for sockz loves you (Sep 18)
- Are PHC going to ultimately secure more work for Nuno Fernandes (Sep 18)
- <Possible follow-ups>
- Are PHC going to ultimately secure more work for sockz loves you (Sep 18)