Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

reporting a web site breach

From: jason_jones98 () hotmail com
Date: 18 Oct 2008 01:48:23 -0000
Everyone (and Joe),

Thank you hugely for your advice and experience in the feedback.

I have come to the conclusion that as a security proffessional / pen-tester for the last @ years I still do not and 
will never understand the line that we can (and potentially will) cross outside of a sealed contract. When we access 
sites for personal use, surely (not just me) we look at everything going on and would like to advise if we see a major 
flaw?

is it me or has the world gone mad? our initial nature is to protect..but, are the laws moving against the legitimate 
proffession (what they know) in such a way that it will turn us to look at the way we work?

My way forward now:

If I find a flaw that a malicious person could benefit from outside a contract --- ignore it and look after my career  
--- sad but true.........





------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: