'Rent-a-hacker' debate gets heated
Results 1 to 7 of 7

Thread: 'Rent-a-hacker' debate gets heated

  1. #1
    Senior Member
    Join Date
    Nov 2002
    Posts
    382

    'Rent-a-hacker' debate gets heated

    In my opinion D. Sparkes is quiet clear minded to think that employing hackers could encourage people to hack in order to be employed to secure companies!

    I'll be interested to know if some ppl in AO follows that philosophy: Hack for their CV!

    For me, I never be a hacker & I will not , I'm just a telecom engineer with security background learnt on the field.

    Full article here
    A hacker has more of an insight into the minds and workings of another hacker," he said. "Personally I think it would be a great asset to a company to have a hacker as a security consultant, or even as an administrator for security."

    However, not all respondents were of the same opinion. David Sparkes, a systems integration engineer working in the telecoms sector, expressed concerns about the messages it would send out - suggesting many may come to think of hacking as a career move, something which they can later put on a CV.

    "If you employ hackers then you are actually encouraging more people to become hackers," he said.
    [shadow] SHARING KNOWLEDGE[/shadow]
    Share on Google+

  2. #2
    Banned
    Join Date
    Apr 2003
    Posts
    54

    Exclamation

    Hacking isn't cracking, hacking is what do to make games funnier, or easier, i suppose it would raise the bar for IT standards
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    lets not go down the hacker, cracker line again.

    a hacker as a security consultant,
    well this has to be the case, how could anyone advise on security with out knowing how to break it in the first place?

    But lets get soming sorted from the start. You do not have to break the law to learn how to hack into a system. Build a test setup in your room and learn how to do it on that.

    I think you willl also find that most security companys will not employee, a security consultant with a cirmial record for breaking in to other peoples system.

    So to sum that up, you cant be a security consultant with out knowing how to break into systems

    Well that my 2cents worth

    SittingDuck
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    u damn right SittingDuck!

    But I'm not sure cie will not hire folks without criminal records, the best example of that is M$
    http://www.antionline.com/showthread...readid=243087.

    The real question is how can u prove u've enough security expertise 2 b consultant. Trust the CV?
    2 years of sec admin when the network had never been really attacked is not similar that the one how've been hacked in term of knowledge & experience.
    What's the best CV: Saying u're the best bcose the network had never been broken through or sying u're one of the best bcose u faced huge attacks?

    An easier way to prove ur sec expertise is to hack & prove u're the 1 who did it & that's a big point of concern since sec business is growing up.
    [shadow] SHARING KNOWLEDGE[/shadow]
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    An easier way to prove ur sec expertise is to hack & prove u're the 1 who did it & that's a big point of concern since sec business is growing up.
    There are two point I would like to make about this

    1) Any scriptkidde can hack, does that mean they are good at what they do?

    2) It's still illegal(sp?), so if you own up to it, you will spent time in jail


    So that brings me how do you prove you are good. Well in the UK (can't say about the rest of the world) there is the CHECK sceme, which is run by the UK goverment

    http://www.cesg.gov.uk/site/check/index.cfm

    They run an assult course for security testing, which is test of how good you are, if you pass you have reached a high standard.

    So which is better either to have a crimal record for breaking to a companies network, or to certified by your goverment?


    SittingDuck
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
    Share on Google+

  6. #6
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    I think it really does have to do with the person and their background. I can see if someone got in trouble when they were like maybe in the age range of 10-20 with the law... I wouldn't hold it against them if they were like 25 and applying for a job at my company. Then again it would all depend on WHAT exactly they were "hacking" into or what not.

    There are two sides to every coin, and many different ways to take things. Sometimes the best hackers, in the past, have gotten great jobs in security companies or banks after they got out of jail (hell they had a job while they were given the job while still in jail). It's a big topic with many different sides and such...


    We could sit here and argue out the logistics all day.

    ~ AciD's 2 cents
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]
    Share on Google+

  7. #7
    Junior Member
    Join Date
    Dec 2001
    Posts
    24

    Cool

    All super valid points! For myself, I was tired of changing a game to make it easier, funner, heck...even more challenging. So, I can do this, I can do that. Why not the ultimate challenge(at least it was back in the day). So here is this 19yr. old kid, somewhat full sys access...major charge card issuer....you can see where i was getting to. Anyway, 08 mths in a detention facility, 03 felonies later, only now I write my own ticket. It IS all about the individual, morally and ethically. I used to think it was funny to steal an ice cream bar from the store when I was a kid. Now I understand all too well how that one thing can make or break the bottom line.
    Agreed on the hacker/cracker scenario. I choose to be neither( as labels go) I just do what I looooove to do, to the best of my abilities. Yes, I could do it. But if I do, it's the sam eold thing all over again. Been there, done that. (it would also eat at me until I had to boast, like before)....Kinda makes you wonder as to which Admin watched one too many Cary Grant's ......
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides