hi,
below is my original post.. just to be certain that the perspective is
not warped ;-)) BEWARE OF THE REAL GREY MEN IYKWIM ;-))
( Imagine what they wish us all to be.. just take their word for it ;))
THIS MAY B TOO OPEN SOURCE 4 SOME SO SIMPLY DON'T READ
b.t.w. please adjust settings on your mailer so that one is not required to
make a hard right in order to read your entire post around the hair pin turn
;-) 'nobody' AFAIK is attempting to discredit white hats as the name implies..
or explicitly stating that only grey hats as the alias implies are the only
answer but obviously 'somebodies' are quite envious that Mudge and friends @
the l0pht were publically recognized pedestalled() for their
expertise/contributions in the $SF and wish to shield us all from including
'the children' from the perceived 'evil' of Mudge & friends. again this is a
bunch of 'granola' my read is that most of us respect those who have
contributed to the perceptions in the Security Field of what needs to be solved
such as Mudge' s and /etc paper on PPTP problems .. also "respect everbodies
privacy whatever that is or is perceived 2b" rights to privacy once taken
never return period. IMHO those that imply that somehow they have never
J-Walked.. Never Speeded, Never looked;-)) are the ones that should never be
trusted again only IMHO. ( I would much rather have someone that is
knowledgable take it or leave it on looking from both perspectives or opinions
and hear what they have to say.) HOW MANY HERE HAVE HEARD AND SEEN
THE MAN FROM GLAD THAT IMPLIES THROUGH OBFUSCATED BIG WORDS
THAT YOU COULD HAVE SWORN WERE NOT IN THE DICTIONARY THAT THEIR
PRODUCT WALKS ON WATER? lots i bet on this list.. much rather see and hear from
those not selling vaporware and promises they never really intend to keep armed
by huge war chests that are there real weapon which confuse us all with pretty
faces and glossies.. do you think that its best for the public to be shielded
from reality? ..
Inquiring Mind..
Best Regards,
[EMAIL PROTECTED]
>On Thu, 17 Feb 2000,dreamwvr wrote:
> hi, > > 1. Is there an ethical issue with L0pht members developing Back
Orifice 2000, the infamous backdoor, and then profit from a solution that
protects against it? > well there are several ways to look at it. ever wonder
if any of the virus co > perpetuate themselves? as well as most programs and
services can be always used > for good or evil as can the 'mighty pen' so if a
program is so powerful and > leverages what is available from a system does
that make the program itself > necessarily bad? now look at it by tilting your
head sideways so you see it > from both sides now;-)) how could BO be used for
good? can it be? the argument > is yes.. therefore like most services it
depends on the human factor IMHO. > > 2. With L0pht�s known
views on government and > corporations, does it make sense for them to act as
main counsel for the White > House? > .. the truth is always somewhere in the
middle.. > > > 3. Is there an issue with gray hat hackers that break into
systems > that are then employed as the protectors of those systems? >
> there is a very good article by Farmer on securing ones system by breaking into
> it. (it is recommended reading although dated these days was relevant back
> in the days. still is actually.) that is all that will be said here..
> > 4.
> Are gray hats preferred for securing a firewall than a good security
> consultant? >
> .. some of the very best 'SEC Consultants" R x-hackers.. good SEC people
> need to see it from both ends anyhow again IMHO..
> > 5. Does elevating these gray hat hackers as role models encourage young kids to
>break the law in an effort to become like L0pht?
> again this assumes that gray hats are evil and that there is a "Man from Glad"
> and that done something illegal and are criminals.. what have they been charged
> with?\n;
> > 6. Should the press and media be glorifying the gray hat model?
> .. no comment ;-}
> > With L0pht, developing exploit tools, raising $10 million from venture capitalist
>for their new start-up company, should Mixter, the developer of distributed denial of
>service (DDOS) exploit tools, go raise money as well? If they can get Coolio,
>Mafiaboy, and Mixter together, they might want to borrow Lopht�s business plan.
> L0pht IMHO provides a great deal of public information on the
> subject which can be used for good or evil. would you propose that
> vulnerbilities be cloaked in obscurity? Security best practices and worst
> practices should remain public knowledge otherwise you have security thru
> obscurity which will leave you with the hard crunchy outer shell exposed l
> which if one tilts ones head discovers is quite frail from a side view. How
> many people on this list would be aware of their vulnerbilities if{} this was
> not publicised by L0pht? just curious..
> Best Regards.
--
_______________________________________________________________________
************** DREAMWVR.COM - TOTAL INTERNET SERVICES ****************
TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here..
<http://www.dreamwvr.com/services/MAX_SEC.html>
DREAMWVR.COM - The Console of Many... 90 Topics Covered
<http://www.dreamwvr.com/dynamicduo.html> <mailto:[EMAIL PROTECTED]>
->> LINUX-MANDRAKE Solution Provider and North American Distributor <<-
PRODUCT OF THE YEAR!
<http://www.dreamwvr.com/mandrake/mandrake-main.html>
"===0 PGP Key Available
*************** "As Unique as the Company You Keep." *****************
"If anyone speaks from DREAMWVR.COM its certainly not me:-)"
________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
