Full Disclosure mailing list archives
Re: [SCADASEC] 11. Re: SCADA Security - Software fee's
From: Smoking Gun <pentesterkunt () gmail com>
Date: Mon, 23 Feb 2009 11:28:16 -0500
On Mon, Feb 23, 2009 at 10:26 AM, Michael Krymson <krymson () gmail com> wrote:
On Mon, Feb 23, 2009 at 8:57 AM, Smoking Gun <pentesterkunt () gmail com> wrote:Blah blah gross personal speculation blah... At any rate, if CEO Cloe decides to hire a pen-tester for $1,000 and gets back a scan with some dumpy reports on it (sorry, it's not a SmokingGun report that shakes the ground and makes angels weep), where is the real breakdown here? Did she not get something in return? Was she underpaying and thus getting Crazy Eddie crap? Was her expectation skewed? Or maybe is her resultant declaration that her company is fully secure after that scan ludicrous?
The real breakdown here comes from Cloe soliciting the services of someone who is labeling themselves an expert. This whole "Walmart" style penetration tester in a box theme being promoted by underclued individuals and marketed to the industry is devaluing the work many have worked hard to perfect. Many have given countless hours, codes, write-ups, seminars you name it. There is nothing wrong with making a euro, dollar, baht, don't mistake this but when there are mission critical applications and institutions at hand, that buck should take a backseat for the security of lives - or did you miss the subject portion of SCADA Security. -- Making no mistakes is what establishes the certainty of victory, for it means conquering an enemy that is already defeated. - Sun Tzu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Smoking Gun (Feb 20)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Adriel T. Desautels (Feb 20)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Smoking Gun (Feb 20)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Valdis . Kletnieks (Feb 21)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Smoking Gun (Feb 23)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Michael Krymson (Feb 23)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Smoking Gun (Feb 23)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Smoking Gun (Feb 23)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Adriel T. Desautels (Feb 20)
- <Possible follow-ups>
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's bobby . mugabe (Feb 22)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's Michael Krymson (Feb 23)
- Re: [SCADASEC] 11. Re: SCADA Security - Software fee's bobby . mugabe (Feb 23)