----- Original Message -----
From: Vos, Arjan <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, April 01, 1999 9:14 AM
Subject: FW: Hacking Contest ?
> > P.L. Steinbruch wrote:
> >
> > Since last time,when we discussed this matter,I have a feeling that some
> > people post in this list just for free ad.
> > I would like to hear from you about the virtues of Bruce Schneier's
paper
> > other than to advertise Security Professional Services.
>
> Virtues of Bruce Schneier's papers? It sheds some lights on the issue -
and
> whether you agree or disagree is a matter of personal taste I suppose....
It's not. It is a matter of first order logic.His paper *is* fallacious(any
first quarter mathematical based university course student can prove it)and
anyone whose use it as an assumption is fallacious too.
>
> Also I am not trying to sell Security Professional Services! Read the
thread
> carefully, I started out with naming "guys who really know security" and
> that's all what I meant... But, *yes*, most of the times it are Security
> Professional Services that can do testing in a *controlled* way!
I think tou should read *carefully* the thread again,mainly what you
*really* wrote.
>
> > I don't desagree about to hire professional services,on the contrary.
> > I do desagree about to use fallacious assumptions to justify a
> position;this
> > is neither correct nor professional.
>
> I am sorry that you see the posting as "using fallacious assumptions to
> justify a position", this was not my intention at all.
See above.
But with you
> interpreting it as such and with you doing some further nitpicking on
> signature issues,
Nitpicking ? You said that,put your words in my mounth,then you discuss your
own ideas as if them were mine.
Of course,this is just another irrelevant fact.
makes me think that maybe you are one of those script
> kiddies
Unfortunately not.May be when I grow up....
or a "wannabe a guy who know security".
Not at all. This is reserved to you and your crew.
> Please if you want to say something, say something useful, do no just blow
> air!
>
Lets do it !
1) A hacking contest is ,IMHO, a bad idea because the *real* guys may decide
to enter it ;not just to win the prize but to have one place more to explore
and use as a base to launch attacks to other sites.This is mainly
possible,when who is in charge of the contest is not a team with security
expertise(which was the case we were discussing).
2)There is people *out there* that do anything to sale their
services;usually they present papers(may be I should
say "white papers" ?) to reinforce their position.Unfortunately,sometimes
they don't read the paper that they present or worse they just don't
understand the paper.When confronted with the facts they say : "I'm
sorry,this was not my intention at all".
Be aware of those people !
Best Regards.
PL Steinbruch
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
