April 16th, 2003 05:52 PM
Kevin's in the news again.
I don't know why he just doesn't paint a big Bull's-Eye on his back.
Find the full story HERE
The contentious sparring between Hewlett-Packard Co. chief security strategist Ira Winkler and convicted hacker Kevin Mitnick came to a head Tuesday afternoon at RSA Conference 2003.
Under the guise of a general-session debate on whether enterprises should hire former criminal hackers to do network penetration testing, the session quickly dissolved into 65 minutes of Mitnick defending his transgressions and Winkler aggressively pressing the former hacker on his skills and those of his nefarious former colleagues.
Nevertheless, a packed session hall took in the verbal jabs with glee and boos throughout the event, with Winkler getting the bulk of the cheers, but absorbing a few jeers, as some applauded a few of Mitnick's points.
Trying to bring some sort of balance to the panel were Jennifer Granick, a hacker-sympathetic attorney who represented Mitnick, and Christopher Painter, who was her counterpart during the trial. Granick teaches at Stanford Law School and is director of the school's Center for Internet and Society. Painter is deputy chief of the Department of Justice's Computer Crime and Intellectual Property Section.
Granick stood by her client, trying to buffer many of the blows coming from Winkler, who opposes the notion that it's a wise idea to bring former criminals into the enterprise to probe and poke at networks to determine vulnerabilities and soft spots. Painter, meanwhile, hammered home the notion that enterprises must examine the risks involved before bringing criminals inside their firewalls.
Perhaps the true balance on the day were the attendees, some of whom fell in the middle of the debate.
April 16th, 2003 05:56 PM
and here i thought hed be trying to sue JP for slander
April 16th, 2003 05:59 PM
That is really very interesting. I wonder what my fellow AO'ers think about ex- criminals working for securirty companies. Its also important to distinguish up to what level someone in this situation can be called a criminal. Would anyone of you hire an ex- "criminal/geek" for a security related buisiness?
Ubuntu-: Means in African : "Im too dumb to use Slackware"
April 16th, 2003 06:08 PM
Yes, good thread!
I read his book The Art of Deception and follow his life in the news....interesting!
You can tell lot about a person by how they handle these 3 things: Rainy Days, Lost Luggage, and Tangled Christmas tree lights
April 16th, 2003 06:41 PM
I am all for exhackers/crackers as security experts, most of my friends from the BBS days are now doing network security we know what to look for and how to handle a system. If you where caught you where doing something wrong (lacked proper skills) and shouldn't be working in security.
April 16th, 2003 07:14 PM
I feel that if you are reformed and have paid your price, then there is nothing wrong with being employed in the field.
However, I think that Kevin Mitnick is just a media whore. He is not a hacker, he is a "social engineer", aka nothing but a con artist. His knowledge and experience in computers is also outdated. There is no way that someone who was banned from touching computers for years can be up to date with current technology. No matter how many books the guy read, he does not have hand on experience. In my book he is right up there with that idiot Kimble. They are both media whore idiots using their names to gain attention.
And to top it off, the guy is a *****. All he does is cry about being treated wrong. He always has a new reason of how he is being treated unfair. Screw him. He needs to grow up.
An Ounce of Prevention is Worth a Pound of Cure...
April 16th, 2003 07:50 PM
I'd tend to agree with bballad.
I'll speak from personal experience here for a second...
I have computer past I'm not overly proud when I think back on it now... I was never caught, never arrested but I did a lot of highly questionable and illegal stuff when I first started learning. I'd learn about something and then figure out how to break it. I ended up learning enough to become the most knowledgeabe geek in my HS and working on a related police investigation. Since then I've grown up a lot, and turned over to the legal side of things but at the same time that stuff taught me a hell of a lot about computers.
So yeah, I think it's a great idea to higher ex-hackers/crackers.. if the ex in front of their name is true.. and I also agree with bballad that convicts are a different story. I think it would have to depend on the circumstances of what they did though, each former convict would have to be dealt with on an individual basis and their past looked into.
April 16th, 2003 09:28 PM
This non-hacker is giving hackers a bad name.
Maybe when he's secured his own site, he can attempt to secure others.
He should shut his mouth and just continue selling more 'computer used by kevin mitnick to hack...' on ebay, he's pathetic.
But I do feel ex-hackers should be allowed to work for companies, I don't really see a draw-back, not many convicted hackers are going to be placing backdoors in your network for revenge at a later date now are they.
To choose between the security analyst and a hacker I'd choose hacker everytime, once you have someone `from the other side' on your side you know how the `enemy' thinks and behaves, and just how they grab your balls.
April 16th, 2003 09:41 PM
A lot of the media friendly "Hackers" and "security experts" (see Mitnick and Cliff Stole) don't know very much at all ( I fondly remember handing Mr. Stoll a print out of his mail box at a speech he did in my area) but are charismatic and good at BS. The government has known this for a while...Mr. Mitnick went to jail for his activities some of the guys I hung out with back in the BBS days went to the NSA high school/college internships, or Navy intell..
April 16th, 2003 10:01 PM
With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!
Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.