I agree with you if they are truly interested or curious as demonstrated by things like "wow, can you show me?" If they were saying things like "you're a pentester? BS! Prove it!" I would perceive it as baiting from a troll. From Robin's original email, it sounded like the latter.
If someone is truly interested, I don't mind doing a demo. Konboot running from the bootable USB key I keep in my pocket should do the trick pretty impressively. Bart Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Robert McGrew <[email protected]> Date: Wed, 5 May 2010 13:14:43 To: PaulDotCom Security Weekly Mailing List<[email protected]> Subject: Re: [Pauldotcom] party trick to shut up the non-believers On Wed, May 5, 2010 at 11:39 AM, Robin Wood <[email protected]> wrote: > On 5 May 2010 14:14, Bugbear <[email protected]> wrote: >> Guy pestering you sounds like a tool. Personally I would have told him >> to get away from me or I was going to demonstrate how a nose bleeds. >> That wouldn't fit you "legal" requirements I suppose and I have been >> told I need to manage my anger ;) > > Its only happened once and I did just abandon the guy but I was > thinking if it had happened at one of the dull parties that I > occasionally get dragged to the chance to get out a machine and do > some showing off might outweigh sitting around getting bored. Being involved in the offense-side of computer security is perceived as one of the sexiest things you can do in computers/IT (and rightfully so, it's a blast). Because of this, outsiders are likely to express interest in what you do, and I can see no reason to do anything but encourage that perception and interest. A safe, but interesting, demo accompanied by some narration/discussion is a good way to get respect for yourself and others in the field (and is the best way to defuse a troll, if their original intent was trolling). It's good to be able to explain what we do to lay-persons too, so there's some good practice. I think it's better than dismissing them as a troll. Might even meet a woman! -- Wesley McGrew http://mcgrewsecurity.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
