mailing list archives
Re: Fwd: Rate Stratfor's Incident Response
From: Valdis.Kletnieks () vt edu
Date: Mon, 09 Jan 2012 14:54:55 -0500
On Mon, 09 Jan 2012 20:00:11 +0100, "J. von Balzac" said:
Valdis you make me curious - how do you know that most are kids, and
Note that it wasn't me who suggested hiring script kiddies to do pen tests. I
was pointing out why it wouldn't work.
Isn't it more likely that the people who massively pwned Stratfor are
indeed mature and serious?
If they're mature, serious, and pwning machines like that, they're heavy duty
black hats (pretty much by definition). What are the chances they'll want to
take a consulting gig doing a pen test (which would require they come out of
Yes, there's a few people working both sides of the fence. *VERY* few, and
certainly not enough to make it feasible in general to hire one to do your
pentests. And again, there's that whole "Do you really want to hire a known
black hat" issue to work around.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/