Hiring Hackers As Security Consultants

**¤The¤Spe©ialist** · June 30th, 2005, 11:16 PM

Oh uhhh... uhhh... I broke in through a window.
"How?", asked the employer.
Then the thief replies, "Well I uhhh... can't explain how but I uhh ran throwbrick.exe".
But thief, im not even running windows you scumbag! I want my money back!!

But it doesn't matter what you think or what your analogies are like. This is the real world and no company is going to hire some dumb skiddie "to break into things" period. Yet alone someone who commited a criminal offense.

It simply isn't their job to do half the things most of you guys keep mentioning... see my other post here.

**nihil** · July 1st, 2005, 12:03 AM

Even though it is made in his own inimitable style I do believe that ¤The¤Spe©ialist has a point here.

Basically hiring would be through IT with the vetting by HR (that stands for "human remains" for those who did not know).

That means two bosses covering their a$$es?...................no chance if they know, and if they don't, they wouldn't want you? Let's face it HR and IT are not traditionally the best of bedfellows................no trust there?

Forget the "reformed sinner" and "paid his debt to society" stuff...........go to church if you want that..............real life doesn't work that way because its Gospel is: "leopards don't change their spots"

That is why on this forum I always advise people against breaking rules and doing something that will blight their lives and potential careers.

I find the whole concept of hiring "reformed hackers" rather amusing, as it just won't happen IRL.

It is the kind of myth that spawns the like of Ankit Fadia?

**rapier57** · July 1st, 2005, 12:56 AM

I look at it like this. If they've been on the black hat side once, their moral compass is out of whack. I can work with someone from that side, but wouldn't trust them initially as "ethical hackers" until I've worked with them for some time and have had a chance to verify their salvation.

Everyone is salvagable, even skiddies. It just depends on whether it is worth the time, effort and heartbreak ('cause you can't win 'em all).

I'm getting old. I have limited time and patience.

***Spyder32*** · July 1st, 2005, 02:00 AM

I find the whole concept of hiring "reformed hackers" rather amusing, as it just won't happen IRL.

Actually, I find it amusing myself. However, it's because it CAN happen IRL and it has. I've seen examples of it (friends, online buddies, etc).

**¤The¤Spe©ialist** · July 1st, 2005, 02:36 AM

Let me put it this way... I could ask every member here and most people here are just a couple steps above help-desk. What does that tell you?

***Spyder32*** · July 1st, 2005, 02:41 AM

Let me put it this way... I could ask every member here and most people here are just a couple steps above help-desk. What does that tell you?

Heh, interesting point. I didn't really think of it like that, however... IMHO it still is the wiser choise (again IMO) to go with the person who commits the offense and has the knowhow to do so then the person who watched the 30 minute training video on the attacks. Again, just my thoughts and opinions.

**¤The¤Spe©ialist** · July 1st, 2005, 03:01 AM

Haha... so you would invite an individual such as myself over

**Kidd_Zero** · July 1st, 2005, 04:07 AM

Unethical, but practical, as who better to evaluate your system than one who would potentally steal from it and thus know what to look for but you must pay them well so they wont selll your secrets or steal themselves.

***Egaladeist*** · July 1st, 2005, 04:10 AM

Hi Spec,

But you're not ' reformed '...so...NO!

Eg

**gore** · July 1st, 2005, 04:24 AM

I would. Would YOU feel safe though?

Thread: Hiring Hackers As Security Consultants

Thread Tools

Display

Posting Permissions