On 2010/05/03 11:54 AM, Robin Wood wrote: > At a party the other day I was asked the normal question of what do I > do for a living. I said security and kept it a bit vague but was > pressed so explained what pen-testing is and roughly what I do. I then > got the challenge, prove it, prove you can hack a company.
Holy crap, what kind of parties do you go to? That's an ignorant challenge from an idiot, and in your place I'd have felt perfectly comfortable saying that, only with (lots) more cusswords. > anyone got any good party tricks that they can pull in this kind of > situation that give an instant wow but are easy to do and legal? Not > quite legal but I was thinking if I knew any big sites with XSS I > could rewrite but none came to mind at that time. Carry around a copy of DVL with you? Somebody so idiotic as to think they can challenge you like that wouldn't recognise if it was a "real" company. Honestly though, I wouldn't give a nutjob like that the time of day or the satisfaction of having called you out. Do they ask plumbers to prove they can weld copper, or Crown Attorneys to prove they've convicted somebody? Jeez, I used to be in the infantry, I can't even _imagine_ what they might have asked me to do - "prove you can shoot somebody centre of mass from 300m"?! Mike _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
