From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
yahoo () localhost
Sent: Sunday, October 17, 2004 7:58 AM
To: full-disclosure () lists netsys com
Subject: Re: [Full-Disclosure] Full-disclosure Posts
On Sat, 16 Oct 2004 19:13:18 -0700, Etaoin Shrdlu
<shrdlu () deaddrop org> wrote:
Of course, anyone still using the term "hax0r" as though it were
meaningful might want to think further about what a "security
professional" might be
A security professional is someone who cares more about money
than the real issue of security at where they work. They
don't go the extra mile for the interests of security at
where they work, as they don't want to risk the job they're in.
My view is corporations should not employ uni graduates and
thirty-somethings to work in a security team. They very
likely still can't open a can of beans and certainly have no
idea about the real issues which face them. They follow
company policy and go home at the end of the day, and switch off.
The people who should be working at a security team should be
volunteers who have the real interests of the company in
mind, instead of money.
The security professional as we know it (uni graduate and 30
something) is not a hax0r, they are ph.d or whatever who are
skilled on an academic level, and thats as far as it goes,
which in my opinion isn't far enough.
Being a security professional is ment to be about passion,
strictly not money, in my humble opinion.
Stop employing academics and get the hackers in to do the job
properly, unpaid of course, at least to start off with, to
make sure they're joining the company for the right reasons. ;-)
Full-Disclosure - We believe in it.