Full Disclosure mailing list archives
infosec rot (was Re: Gomez eats the weak)
From: coderman <coderman () gmail com>
Date: Sun, 24 Apr 2011 20:32:49 -0700
On Sat, Apr 23, 2011 at 9:00 AM, ichib0d crane <themadichib0d () gmail com> wrote:
> lol someone who thinks he is original because he is stating things that pretty much everyone knows, or at least traces of which may be true enough to be known.

poor kid probably bought into degrees and/or certs, got all hyped up on infosec, only to find a shitty industry behind the curtain...

> Of course no one but your peers give a crap about what you do, guess what? No one but those in the immediate peer group of an architect or a subway employee cares about what they do either.

those who seek attention rarely deserve it; this is a feature, not a bug. hollywood and politics are for those with external loci of identity...

> Of course some moonlight as blackhats, guess what? Some 'anti-man' blackhats daylight as paper pushers.

solid ethical reasoning: not taught in school and virtue unappreciated. this happens in every industry, though infosec loves to eat its own.

> Of course the government lures the brightest minds to work for them and develop exploits for *insert cause here*.

keeping up with the joneses. dozens of state sponsored "cyber" programs across the globe and counting. what a gold rush!

> Of course most pen-testers' post-exploitation skills suck.

not to mention this only comes into play when an attack is actually detected. most last way too long, sometimes months/years! before identified.

> Valdis is right, you must be new here if you think that stating obvious facts makes you seem smart.

sounds more like frustration and disillusionment. let me help with that. you forgot to mention the industry charlatans, the media whores, the pervasive apathy around security processes and posture in general, save for those brief moments of post-pwning introspection with fervent commitment to "do better" that lasts about as long as a new year's resolution. and development practices, i can't even begin. governments and megacorps alike keep fucking up the simple stuff, over and over. whether it's laughable crypto cock-ups, or hilarious insecure oversights from 90's back like a bad fad in your console and smart phone, or the security products and vendors getting ravaged themselves and providing vectors to customers through their softwares (and you're paying for the privilege!)...

i could go on, but i'll haiku instead:

infosec despair
laziness, incompetence
here. there. everywhere.

pwnies on rampage
cyberwar and A. P. T.
thieves, spies, good guys - who?

downhill since '93
onward indefinitely
band-aids but no cure

what is it good for?
lush lucre and free passes
on backs of masses

they're fleecing all
nations, corps, orgs big and small
reparations null

infosec should be?
no. build in security!
existential angst

[to be, or not to be...]