> We argue that practical experiences with real security failures should
> be a central part of university degree level education.
Do you use your university network for research in this area?
As far as I know, your university has an active security team, that's
why I'm asking. Usually, it's not possible to investigate the
interesting things you discover in detail because of pressure from
day-to-day business. When I worked in a similar environment, I often
wished I could share some of my discoveries with people who had the
time and knowledge to pursue them further. The people I was working
with faced the same problem, of course.
> Furthermore, our main claim is that the quality of data security
> professionals with university degree can only be improved if
> \emph{offensive} aspects like writing exploits or network sniffing
> are integrated into the curriculum.
Network sniffing is offensive? What's next? strace and debuggers too?
By the way, blocking sites such as these *is* offensive:
http://citylegacy.com/
http://conceptorg.com/
http://foreignlanguagecourses.com/
http://generalsealants.com/
http://hpaphotographers.com/
http://kinggroup.com/
http://kspb.org/
http://saintmichaelschurch.org/
http://scopereport.com/
Actually, doing this properly would be an interesting research
project. 8-)
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
https://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Jan 10 2005
Intro
