-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Well, there are no "gray hats". In my opinion, a hacker (cracker, call
it what you want), is just another kind of felon, and I really don't
care whether a gray hat or any other kind of criminal tries to hack my
systems.
just my 2 cents
Michael
- -----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of jeff andrews
Sent: February 17, 2000 4:33 AM
To: [EMAIL PROTECTED]
Subject: Glorifying gray hats
With much of the news surrounding L0pht with hacker, Mudge aka Peter
Zastko, including the White House security summit, it seems to praise
their gray hat model.
�L0pht members describe themselves as "gray hats," on the edge between
good and evil hackers. Besides selling security software, they broke
into corporate systems and alerted the firms to weaknesses.�
http://www.usatoday.com/life/cyber/tech/cth071.htm
�More damning is that L0pht has also gone on record as saying that
"governments and multinational corporations are detrimental to the
personal liberties on the Internet." On the other hand, L0pht's new
company, called @Stake, is a specialized professional services company
that will provide a full range of security solutions for the
e-commerce operations of global clients.�
http://www.zdnet.com/enterprise/stories/security/news/0,7922,2420340,00.
html
�Back Orifice is a windows trojan developed by the cDc ...The
correlation? The Deth Vegetable, as well as several other Cult Of The
Dead Cow Members (including Mudge and DilDog) are also members of
L0pht Heavy Industries (according to membership lists posted on both
cultdeadcow.com and l0pht.com).�
"As far as I'm concerned, an ethical problem would exist in people
doing security work that are also releasing tools useful to hackers,
and if that's the case, its l0pht's problem, not ours." NFR's CEO
Marcus J. Ranum told AntiOnline...
http://www.antionline.com/cgi-bin/News?type=antionline&date=05-03-1999&s
tory=l0pht.news
1. Is there an ethical issue with L0pht members developing Back
Orifice 2000, the infamous backdoor, and then profit from a solution
that protects against it?
2. With L0pht�s known views on government and corporations, does it
make sense for them to act as main counsel for the White House?
3. Is there an issue with gray hat hackers that break into systems
that are then employed as the protectors of those systems?
4. Are gray hats preferred for securing a firewall than a good
security consultant?
5. Does elevating these gray hat hackers as role models encourage
young kids to break the law in an effort to become like L0pht?
6. Should the press and media be glorifying the gray hat model?
With L0pht, developing exploit tools, raising $10 million from venture
capitalist for their new start-up company, should Mixter, the
developer of distributed denial of service (DDOS) exploit tools, go
raise money as well? If they can get Coolio, Mafiaboy, and Mixter
together, they might want to borrow Lopht�s business plan.
Thanks,
- -- JA
Jeff Andrews,
Senior Security Engineer
_____________________________________________________________
GET YOUR 6MB SUPER LARGE EMAIL ACCOUNT @ http://www.watchmail.com
- -
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2 for non-commercial use <http://www.pgp.com>
iQA/AwUBOKvoqwSpgMsGGd9UEQIzeACeLeKTJDyktKTgX9ouE5lPi/SmJEkAn2PK
2bwzLGynzRH7YrKitFytghsT
=1dLR
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
