Full Disclosure mailing list archives
Re: Beyond black, white, and grey: the Yellow Hat
From: ratel <ratel () mailvault com>
Date: Wed, 20 Nov 2002 15:12:35 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- On 20-Nov-2002 10:50:49 -0500, Sam wrote:
Secondly, for those of you with certifications and minimal hands on knowledge, I can speak with some authority here as I frequently train folks like you to do the jobs their certs say they are already
qualified >for and on which they were usually hired to do. Get over yourself!
Ok, so you make more money than you are qualified to make, and know
less >than you claim to know, chill out, you got away with it. Enough said. >Other than, it would now be nice if you would learn the skills you need to >excel in your chosen field. It would be nice if you didn't assume everyone here is a mere knuckledragging data munching packet crunching monkey of a technician such as yourself. Frankly, I doubt you'd know the first thing about what it means to excel in my chosen field. But if it makes you feel better about yourself to make all sorts of unwarranted assumptions and call me "kiddie" because I happen to raise a few unpleasant questions you can't answer, go right ahead.
Also, in response to the most recent claim by "phrick", so you hacked into someone's mail server, which as I understand it is not owned nor managed by said person. Woohoo to you!
If memory serves me correctly, a simple search through the archives reveals he did dare them to do it. "hack my mailserver son" or some such. Well, maybe this should serve as a lesson to us all to be a little more careful what we ask for.
I have no problem finding many useful suggests from Mr. Dufresne on a variety of security lists. So he isn't just talking the talk.
Is it true Ron DuFresne has been a member of G-Force Pakistan? Because I seem to remember reading excerpts in Lance Spitzner's "Know Your Enemy" of captured IRC conversations featuring some American member who was making all kinds of embarrassing technical blunders right under their nose without suspecting a thing. If this is true, Mr. Dufresne has no place lecturing me about anything, much less ethics or security. Or anyone else, for that matter. Dippy little Deltas like that really ought to stick to their two-bit web defacements under the watchful eyes of Project Honeynet instead of gibbering at their betters.
I am not a security expert. With the constantly changing technology and the constant poorly written code out there, I am just another someone
who >tries to keep up with how to best secure myself, my systems and those who depend on me to keep them safe. That's fine. All anyone can do, really. Okay, so maybe the monkey bit was a tad harsh. I'm sorry. Sort of.
Shame on those of you who are making such fools of yourself and brava
to >those of you who don't get caught up in the "mine is better than yours" >game! To hell with all that. I thought distinguishing yellowhats (people motivated by money while pretending to be something they're not) from the real whitehats who honestly care more about security than lining their pockets was a useful contribution. Once again, the real issue here nobody seems to want to talk about is the hypocrisy inherent in putting working exploits in the hands of script kiddies while cashing in on pretending to care about security. Selling snake oil to the government in order to get rich. Ripping off their clients with puffed-up lame products that they know in their heart of hearts don't work. Undermining their products' saftety with backdoors while putting on the dog to investors about how holy they are-- while simultaneously trying to be a b4DazZ iNz1deR with their more straightforwardly scumbaggy associates. IT TURNS MY STOMACH. IT REALLY, REALLY DOES. ~Ratel. *** "Americans used to roar like lions for liberty. Now we bleat like sheep for security." - Norman Vincent Peale. -----BEGIN PGP SIGNATURE----- Version: MailVault 2.2 from Laissez Faire City http://www.mailvault.com iQA/AwUAPdvse+YNtyh3zif9EQKktgCfYvR/cyOubKXvqXENkI7XSIVQXzcAnArs wGSggw6J0kC9PQ0fOjrDx6lo =R4pm -----END PGP SIGNATURE-----
Current thread:
- Re: Beyond black, white, and grey: the Yellow Hat Sam Jones (Nov 19)
- <Possible follow-ups>
- Re: Beyond black, white, and grey: the Yellow Hat Sam Jones (Nov 19)
- Re: Beyond black, white, and grey: the Yellow Hat ratel (Nov 20)