summer intern is a known hacker - Page 3
Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 46

Thread: summer intern is a known hacker

  1. #21
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    if you've ever been on the wrong side, it IS a long road back just to let some other ass-hole come along and screw it up for you. who's going to look dumb if he does decide to change. like maybe his location if he thinks hes seeing jail time and needs some money fast. not the accussed hacker. that was to be expected. so why didn't the admin expect it... he must be stupid.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #22
    Member
    Join Date
    Mar 2004
    Posts
    94
    Maybe he should find out what exactly he is on trial for, and then post it here. I don't mean breaking into a network and stealing card numbers, but I mean what he is being charged with. For all we know, he was blackmailed, or his machine used as a zombie. [/B]
    It wasn't blackmail and his system wasn't a zombie. He repeatedly accessed the network and was caught in the act by the feds.

  3. #23
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    It wasn't blackmail and his system wasn't a zombie. He repeatedly accessed the network and was caught in the act by the feds.
    Hrmm, then perhap's sit down and have a talk with him and see if you think he learned his lesson or if he still has that same mentality. Otherwise, no wonder why he wanted an internship at your company that would grant him access to data such as the one your company share's on it's network.
    Space For Rent.. =]

  4. #24
    Member
    Join Date
    Mar 2004
    Posts
    94
    Thank you all for your opinions. I agree with most of you that this person never should have been hired for this type of position. I've always been of the belief that a company has to trust their IT dept. Hiring someone (for anything) who has already shown that they can't be trusted is a bad idea. Unfortunately, I wasn't consulted on this.

    However, since the powers that be have thrust me into this situation, I have to deal with it. I think my approach will be to:
    1) cover my ass by voicing my opposition to this.
    2) add additional monitoring to the network/servers just in case we need it for evidentiary reasons later.
    3) hope and pray he *has* changed.
    4) count down the days until summer is over

  5. #25
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    4) count down the days until summer is over
    ROFL haha that one was good. I think you'll be alright, but be stiff and be careful. Like most of us have suggested, go with One strike and he's out. Moniter like none other his machine's and try to form a relationship with him. Who know's, maybe you could become friend's, learn from each other, etc and he won't do anything at all. Oh, and prayer does help
    Space For Rent.. =]

  6. #26
    The Recidivist
    Join Date
    Nov 2002
    Posts
    460
    What happened to "innocent until proven guilty"? Watch him and give him a chance to follow the right path.
    Being a victim of America's judicial system, from my experience it is more like "Held accountable until proving innocent"


    hjack
    "Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
    - Friedrich Nietzsche

  7. #27
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    I think the person who hired him should be fired. As they have put the company up **** creek without a paddle if something does happen. Would brinks hire a bank robber? Whether he does something at work is irrelevant as , If he is smart he will find easy se targets, network topology , inside info, a couple passwords on sticky notes . And then own you once his internship is up. What happens to the companys liabiltiy when they have knowingly hired an obvious security risk? , negligence anyone?
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

  8. #28
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Originally posted here by lumpyporridge
    Would brinks hire a bank robber?
    If he got caught then hell no, he's an amature. But if he got away? Hell yea. This is the difference between me and others. Most people see a criminal, and make him feel worse. I would rather be on the guy's good side, than piss them off, and be on the bad side.

    This is why I can go into a dark alley without worry. I make friends, you make accusations. If someone robbed banks, and wanted a job doing the security for one, I think it would be a great idea. The guys would have first hand knowledge what to watch for, how to make the situation easy, and how to take away the danger, and he would know the warning signs.

    This is of course assuming he had no intentions of doing it anymore. Look at the hackers who have been in trouble before. Would you want someone who only has read about it trying to secure your network? Or someone who has EXPERIENCE in breaking it open, not only helping, but making friends with them. You get someone who is good enough to break in, securing the thing, and you get him and his buddies as guard dogs.

    Would you hire a body guard who had never been in a fight before? No, you want your ass protected, and you need someone who knows how to throw a punch when needed.

    The bank robber would be perfect security. He knows the tools of the trade, and the signs. this would give better protection than some jack ass who has watched tapes. And if you're lucky, he has friends who have done this too, so not only do you have a secure bank, but if you treat him as a friend, and he respects you, he won't allow anyone to rob your bank.

    Same with hackers. All of his buddies will know to leave your network alone. Experience can teach better than a book, if you really worry about security, you're going to want someone who has actually done this.

    The book "Confessions of teenage Hackers" is a good example. Most of the hackers in it are now security consultent people. It brings me back to my last point: Would you rather have people like this on your side, and as friends? Or as enemies?

    I have friends that are dealers, and professional robbers. When I had my car, I never had to lock it, no one would dare break into my car when they knew who would be paying them a visit. I never had anything stolen out of it, and I had a few grand in it worth of music and a system.

    The people who say "Well I would never hire a criminal" usually end up getting hacked, or robbed, because they have no ties to the underground where the professionals live. My way allows more jobs to people so they don't HAVE to rob banks, and stops the prison system from filling up with people who really just needed a chance.

    I've known people who had to either rob someone, or go hungry. No one would give them a job either. Not because of a record, but because of the way they looked. I've been in the same boat, and when it starts sinking, you have few options, and criminal things are one of them.

    Why let jails fill up when you could help someone in need? When I was doing **** like this, do you think I had people knocking on my door offering work? No. I'm not asking you to run out and hire a bunch of ex cons, but I am asking you at least think about how you act towards them.

    Example:

    A guy that worked in law enforcement was doing a routine check on someone and checked the license of a man, and they talked while they were checking everything out. They became good freinds, and one day, the law enforcement guy had given someone a ticket who had friends in the mafia.

    The guy he became freinds with before was the head of another mafia, one more dangerous than the one that took a hit out on him, and the guy he was friends with found out, and saved his ass.

    If he would have been like "Oh, well you're a boss for a mob, you must be bad" he would have been dead. Instead he became friends with the guy, and the guy saved his ass from someone killing him.

    I'm not sure which state this was, but I know it's not the only example.

    My familly is the same way. They don't like some of the people I hang out with because of what they have done. I say the same thing to them "Would you rather have them not like me, and have to worry about them? Or have them like me, and know who you are because of me, and it saving your ass one day when they are walking down the same road as you are late one night? You're safer not being a bitch like that and knowing that if you ever see them in the dark, you won't get shot".

    Tiger...You live how close to Detroit?

    The cops can't save you from being mugged if they are busy with another report, but having friends with ties can help a lot.

    Again, in short, you would be better off making friends than a mistake.

    I've robbed cars and taken hand bags and ripped the money out of them and walked away when I needed the money, does it make me worse that I did this? Why should someone look down on me for that, and not give me a job because of it, when I did it because I NEEDED a job?

    Are you guys all saying I'm bad because of this? And that I'm not trustworthy because no one wanted to hire me because I was a teenager with bills to pay? Looking down on people who actually need a job is not right.

    It's the same thing with drugs, which I won't bring up because it's not as much on topic, but people who grow up poor, and then realise they can get about $30,000.00 a month, do you think they are really going to stop when they grew up poor, can't find a job, and have no other option? Hell no.

    When it's down to deal or be homeless, I am surely going to pick deal. I don't feel like having nothing, because no one will give me a chance.

    It gets on my nerves knowing I talk to people, and exchange information with people, who think the same way as other people who have either ****ed me over, or not given me a chance because of how I look, or who I know.

    Maybe some of you should try making it with no job, and no one willing to hire you, THEN maybe you would be more understanding.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  9. #29
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Greetings All:

    Originally posted here by gore
    Most people see a criminal, and make him feel worse. I would rather be on the guy's good side, than piss them off, and be on the bad side.
    Originally posted here by gore

    And if you're lucky, he has friends who have done this too, so not only do you have a secure bank, but if you treat him as a friend, and he respects you, he won't allow anyone to rob your bank.

    Same with hackers. All of his buddies will know to leave your network alone.
    This is what we in the civilized world call a "Protection Racket". While the Russian Maffia might share your same ideals, I can assure you that no one in the legitimate corporate world does, nor should they.

    Originally posted here by gore

    The book "Confessions of teenage Hackers" is a good example. Most of the hackers in it are now security consultent people. It brings me back to my last point: Would you rather have people like this on your side, and as friends? Or as enemies?
    Again with the protection racket talk. Also, while it is true in the time frame from say, 1999-2001 there was a big push by consulting firms to hire "former hackers". Guess what? The exact opposite push is taking place now. Why? Because these companies' clients found that having "former hackers" running around their complexes was not a good idea. Virtually every major security firm in the US today distances themselves from anyone that's even perceived to have been a "black hat" hacker at one time or another.

    Originally posted here by gore

    The people who say "Well I would never hire a criminal" usually end up getting hacked, or robbed, because they have no ties to the underground where the professionals live.
    "Professionals" do not live in the underground, "criminals" do.

    Originally posted here by gore

    If he would have been like "Oh, well you're a boss for a mob, you must be bad" he would have been dead. Instead he became friends with the guy, and the guy saved his ass from someone killing him.
    Ok, now you're reaching into a world so far beyond the one normal civilized people live in, that I'm just going to stop commenting on it point-by-point.

    I really hope that those that ask questions on this site are VERY careful who they choose to take advice from.....

  10. #30
    Junior Member
    Join Date
    Jan 2003
    Posts
    6
    you cant judge a book by its cover. find out what he did and work with the guy....who hired him in the first place....probably they got a good reason to let him in your company...if not, the personnel who got him in should get fired....now that he is in your company try to make him work as best as possible with maximum supervision....he is getting paid right so make him work for what he is worth.....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides