Full Disclosure mailing list archives
Re: [full disclosure] agile hacking?
From: "Michael Krymson" <krymson () gmail com>
Date: Wed, 19 Mar 2008 10:24:12 -0500
I'm not sure a "community book" is going to make a lot of sense, have any coherency, or be all that useful. If you want a view of the future, go to packetstorm, grab up 100 random text "how to's" and see how well they read when placed back to back as a book. It won't be pretty. It'll read worse (or better content-wise) than Ankit Fadia's The Unofficial Guide to Ethical Hacking, which was a joke even back in the day. Will the "book" have any point to it, technical oversight, or applicability to different environments? It might be great that someone in Pakistan can hack wireless router B, but can he only do it from his special build of FreeBSD? What about details on attacking gateway C version 1.34.2 that is already 2 years old? Is that fair game, even though it is so specific that it really just becomes one more bit in a reference manual? Will the material be outdated by the time it even gets posted? Are you teaching principles or specifics? I wonder if your "book" will be heavily weighted towards web attacks and hardware gateway attacks. That would be a shame, but might be defensible as the hot new topic in recent years...but you'd lose out on the chance to include networking voodoo and OS/code ninjitsu. I'm sure everyone can learn something beyond their slice of the pie, which would be a benefit if you can get a more even field of submissions. Agile hacking might be taken to mean you should teach people how to hack in general, not how to hack specifics. Teach a man to fish... Just a quibble on your choice of subject line. Can someone reading a hack how-to be able to apply it agilely to other situations? You might be better served encouraging participation in a wiki-styled site as opposed to some book. Allow for search, peer review, and anonymous/open submissions. You can then control the categories and maybe exert some editorial review to keep the spirit of the work centered without deviating into a load of crap with some gems hidden here and there. Is it browsable? Is it readable cover-to-cover? Or is it a categorial or search reference? Heck, you can even use forums, but make sure not everyone can create new threads. Only create threads for appropriate materials but allow open commenting on such posts. Of course, any attempt to exert editorial control will result in loud and unhappy kiddies who think you're a nazi and have no skill and suck just because what they wrote belongs in some hacker kiddie group e-zine that rambles for 87 pages. Such is the nature of our field, it ranges from high school kiddies to geek squad tech support jockeys to pen testing consultants to fortune 100 managers with some technical chops. Who do you want to include? Then again, maybe you just need to do it, naysayers be-damned, and see how it goes. But I'd be concerned that you're wasting your time. Though, it'll get you attention and as most marketers may say, any attention is good attention. Successful or not, it keeps you busy in the eyes of the journalists who give you the press. (Or maybe you can do a Month of PDP Book Submissions?) :)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [full disclosure] agile hacking? Michael Krymson (Mar 19)
- Re: [full disclosure] agile hacking? Petko D. Petkov (Mar 19)
- Re: [full disclosure] agile hacking? don bailey (Mar 19)
- Re: [full disclosure] agile hacking? Petko D. Petkov (Mar 19)
- Re: [full disclosure] agile hacking? don bailey (Mar 19)
- Re: [full disclosure] agile hacking? Valdis . Kletnieks (Mar 19)
- Re: [full disclosure] agile hacking? reepex (Mar 19)
- Re: [full disclosure] agile hacking? Valdis . Kletnieks (Mar 19)
- Re: [full disclosure] agile hacking? reepex (Mar 19)
- Re: [full disclosure] agile hacking? coderman (Mar 19)
- Re: [full disclosure] agile hacking? don bailey (Mar 19)
- Re: [full disclosure] agile hacking? Petko D. Petkov (Mar 19)