So what do you guys think about part time hackers that attempt a breakin,
post general results on a website, and then ask for payment to fix your
problems?
Just curious...
Please direct all responses to the newsgroup so that all may benefit from my
lack of wisdom!
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 04, 2000 9:20 PM
Subject: RE: Security holes revisited -- reward offered
> Mike,
>
> While it might not sound like it from my prior post, I agree with you.
The
> issue is why pay someone with an axe to grind to penetrate your system.
But
> whether he gets paid or not, my gut says the kid will try anyway just to
get
> back at the webmaster. Would I pay him? No way.
>
> However, should he succeed, or if the threat feels warranted, I would
> definitely consider hiring a "tiger team" to review my security and as you
> mention, under a contractual agreement, attempt to infiltrate security.
Any
> team that is worth hiring, will have such agreements to sign when you hire
> them, because they want to be legally protected should they succeed. This
> kid, however, is most likely going to break the law in his efforts if he
> decides to, and manages to succeed in, modifying the web site or mis-using
> information technology owned by the site. Unfortunately, it sounds like
> even if he did, he might get a break from the owner, and that's the real
> injustice here.
>
> Best of luck to the webmaster...
>
> --Doug
>
> -----Original Message-----
> From: Mike Sheldon [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, April 04, 2000 3:29 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Security holes revisited -- reward offered
>
>
> I have to violently disagree with this.
>
> The individual in question is not a reputable security expert, he's a kid
> with an axe to grind.
>
> I would never use any security group who cannot post a bond against any
> potential damage they may cause in the act of attempting to penetrate the
> system.
>
> Michael J. Sheldon
> Internet Applications Developer
> Phone: 480.699.1084
> http://www.desertraven.com/
> PGP Key Available on Request
> --------------------------------------------------------------------------
----
> Archives: http://www.eGroups.com/list/cf-talk
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
