Full Disclosure mailing list archives
Re: Scandal: IT Security firm hires the author of Sasser worm
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Tue, 21 Sep 2004 13:49:54 -0400
ktabic wrote:
- Have you ever exceeded 20 mph above the speed limit? If so, does that make you incapable of driving a big rig truck? If so, I think we should probably be very wary of our use of the roads. It's much more difficult to get a commercial license if you've been caught speeding, but no one ever said it was impossible.Funnily enough. No. I haven't.
Then you're in a very slim minority - if you drive, that is.
You point would be accurate if there were no penalties, but there are other penalties. Your point here is far too simplistic to be accurate.Popping back to the speeding example above. If you get caught doing 20 mph above the speed limit, you are liable to lose you license (in this country) unless you can come up with a really good reason. And: my job depends on being able to drive usually isn't good enough. And even if you don't lose the license, you gain penalties, which can accumulate into lost of the privilage to drive. So there is a difference between being caught for speeding. Get caught doign the proverbial 20mph above on a computer, you penalty is: Getting offered a job, and still being allowed to use a computer. To do what ever you want. That, at least, is what I see from this, and others like this.
Nope, I don't scoff at this. However, I have yet to see a job advertised: Professinal Virus Programmer, or with a job description of exploiting flaws in computers to compromise them againist thier owners will. * So he has a speciality that isn't really in demand.
Yeah, but is that really what he was hired to do?
Ahh - but he's not being hired by the company to be a virus/worm writer, is he?<cynic>Hmm, yes. Thats actually a good idea. Since he is already known to those whose job it is to investigate and catch criminals, they may find things eassier</cynic> Hmm, so the armed robber should be allowed, as part of his rehabilitation, to become gainfully employed as...? Well, what ever he could become gainfully employed as, it won't be as an armed robber. Theres nothing to stop him from becoming gainfully employed as, say, a builder. Or even a dustman, which is actually quite and important job.
If he isn't (and I highly doubt that he is) then you've proved my point. Thank you. :)
<> Ok, he's working as a a trainee software developer working on security products. Hows that?
That says nothing about how he'd be doing his work.
<>Not at all. It's unethical, not because he has that job. It's unethical because securepoint wrote to him and invited him to apply. Thats the unethical part. I have no problem with him applying for jobs, as a programmer, or pentester, whatever. The unethical part is a firm that specialises in security invites a known virus writer to write software for them.
How is that unethical?I'd be the first one here to call it unethical if I felt that it was, understand that, but I don't see how it's unethical.
It would be unethical if the company didn't disclose it... yet, they have.It would be unethical if the company employed him to do unethical things... yet that doesn't appear to be what's happening.
Why does the company seeking him out qualify as being unethical? I believe you're extending the term "unethical" to an area where it doesn't apply.
-Barry _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Scandal: IT Security firm hires the author of Sasser worm Feher Tamas (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm bb (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm John Galt (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm adf--at--Code511.com (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm ktabic (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Barry Fitzgerald (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm ktabic (Sep 21)
- Re: Scandal: IT Security firm hires the author of Sasser worm Barry Fitzgerald (Sep 21)
- Re: Scandal: IT Security firm hires the author of Sasser worm ktabic (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm bb (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Vincent Archer (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Georgi Guninski (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm morning_wood (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Will Image (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Bruce Ediger (Sep 20)
- Re: Scandal: IT Security firm hires the author of Sasser worm Samir Kelekar (Sep 20)