Hey, Just wanted to follow-up on the hacking contest that I might have run to help improve security. I decided not to do so. The final clincher was this... the hacking contest was supposed to help increase overall security, by creating the possibility for exposing system exploits before we went "live". The idea was to then patch up these vulnerabilities and have a more secure system. This logic was defeated in the end by the notion that a good hacker with any decent exploit would not reveal that prize exploit. So I would have to simply trash whatever exploited system I had with alternative systems. The latter system would probably have even more exploits than the original system, as the original one was the best that I could find to begin with (longest history, etc.) Finally then, what would be an attempt to increase security, would actually decrease it in a worst case scenario of someone "winning". If no one won, then nothing would be proved, and a bunch of time wasted. Thanks all for you feedback. Its was good to air out the pros and cons about this issue. The above conclusion I came to did involve those opinions, and I am only trying to express the "clincher" that pushed me not to run with the contest. --Joshua - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
