Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Is there a scam in Security Certifications

Re: Is there a scam in Security Certifications

From: Pete Herzog <lists_at_isecom.org>
Date: Fri, 02 Jun 2006 18:04:43 +0200

Hi,

Wyoming apparently has a problem with diploma mills. You can see it in
this list:

http://www.k12.wy.us/F/psl/degree.html

Then there is this article which says:

_Board postpones private school license_ By JENNI DILLON
Star-Tribune staff writer Thursday, November 17, 2005

"EC-Council University will have to wait a while longer for a license to
operate in Wyoming, the state Board of Education said Wednesday."

"...Colleen Anderson, who works in the department's finance office, said
the department has concerns about the school's relationship with
EC-Council, another corporation with the same owners that issues
certificates in the same subjects and produces textbooks and curriculum.
She said the department also is unsatisfied with financial documents
provided by the university and about students who could misread implied
claims of accreditation by the university."

http://www.casperstartribune.net/articles/2005/11/17/news/casper/9376670ca7785260872570bc00068e27.txt

There's nothing wrong with providing certification in a manner that
proves a person's ability to do something outside of the university
system. But diploma mills are a problem and an embarrassment for those
who are caught with them:

http://www.reason.com/0501/fe.ps.cut.shtml

I am afraid of possibly falsely marketed diplomas and even more scared
of the people who buy them. In this socially and digitally networked
world, we are all reliant on each other to what we say we can do. Lack
of ability has caused many problems from small to grand
(http://www.wired.com/wired/archive/14.06/start.html?pg=9) over the
years and as we need to depend on someone in a position knowing how to
do his/her job. In security, maybe some of you think (oh it's only for
testing web pages) but maybe that's just today. The pen tester today is
in a good position to be tomorrow's transport security auditor, security
manager, electronic health inspector, network medical technician, etc.
The fact that there are so many security personnel out there with
fictitious or fraudulent knowledge and ability (known or unknown to
themselves) is a very scary thing to me.

You can look up info on diploma mills yourself:

http://www.web-miner.com/deunaccredited.htm

http://www.degree.net/html/diploma_mills.html

Sincerely,
-pete.

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request_at_cenzic.com for details.
------------------------------------------------------------------------------
Received on Jun 02 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos