“Hi there, my name is Goody Two Shoes, am here to provide you with a service you cannot refuse. I am a certified ethical burglar, I bugle your home, office or company at a fee and then tell you how I did it so you can protect against it. It is like a simple fire alarm test.”
If someone walked up to you to pitch this would you listen or would you walk? One thing I have noticed is that people do not realize the seriousness of privacy breach and identity theft; people can exist and cease to exist solely from computer manipulation, houses investment and even confidential medical records that can have life altering effect can be altered with just a few strokes of the keyboard. The same absurdity, with which you would dismiss Mr. Goody Two Shoes, is the same way I see ethical hacking.
Yes, these people are trained and they have a code of ethics, doctors swear oaths yet we still have rotten apples amongst them. If this charade is going to be allowed to continue I think the onus is on the companies that hire them to monitor them thoroughly; who is to say if sensitive information that these people come across will not be sold to the highest bidder, and if things go badly in the relationship between the company and the hacker a lot of damage can be inflicted. A movie to see to understand the gravity of this is “The Net” 1995.
Whether there is law or not, somethings should not be made legal, or glorified. The same way people do not call burglars to there home to test out there alarm system and security features, things like this should not be done. ethical hacking code is what I call honor amongst thieves, that is if such a thing exists. One thing I noticed while researching this is that on the internet there are not that many sites that tell people what ethical hacking really entails or what it really means, but they have tons of sites promoting training and classes to become a CEH (Certified Ethical Hacker). All what this is, is just business, people trying to make money out of something that used to be illegal.
Someone once wrote "ethical hackers are the guardians who attempt to break into corporate sites, and once they have managed that and found loopholes, they try to get it repaired". In response, like someone had told me before " you never know when the good guy will turn bad". Companies that hire these people, one question for them, what steps are they taking to ensure the these hacker are acting buy the book. Like the saying goes ' the road to hell, is paved with good intentions". Remember relationships turn sour, even business ones, and it is these guardians that help you build up the defenses they breached, so they still know how to breach it. One thing I have learned is that people like keeping a trump card so the do not get the short stick. So while we are all singing ethical hacker lets remember that everyone has a breaking point. Situations can lead even good people down evil paths. White hat, black hat or gray hat , they are not transparent.
One of the hardest place to police is the web, lets be real people. People have so many identities online these days that is is sometimes hard to catch even inexperienced crooks. Now lets talk about people who have received the training to do this, who know the ins and outs of online and computer security. If an expert hacker is serious they can cover their track and do as they please without being caught. So as far as I am concerned ethical hacking is something that we wish to exist but does not.
http://en.wikipedia.org/wiki/Hacker_(computer_security)
http://en.wikipedia.org/wiki/Identity_theft
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci921117,00.html
If someone walked up to you to pitch this would you listen or would you walk? One thing I have noticed is that people do not realize the seriousness of privacy breach and identity theft; people can exist and cease to exist solely from computer manipulation, houses investment and even confidential medical records that can have life altering effect can be altered with just a few strokes of the keyboard. The same absurdity, with which you would dismiss Mr. Goody Two Shoes, is the same way I see ethical hacking.
Yes, these people are trained and they have a code of ethics, doctors swear oaths yet we still have rotten apples amongst them. If this charade is going to be allowed to continue I think the onus is on the companies that hire them to monitor them thoroughly; who is to say if sensitive information that these people come across will not be sold to the highest bidder, and if things go badly in the relationship between the company and the hacker a lot of damage can be inflicted. A movie to see to understand the gravity of this is “The Net” 1995.
Whether there is law or not, somethings should not be made legal, or glorified. The same way people do not call burglars to there home to test out there alarm system and security features, things like this should not be done. ethical hacking code is what I call honor amongst thieves, that is if such a thing exists. One thing I noticed while researching this is that on the internet there are not that many sites that tell people what ethical hacking really entails or what it really means, but they have tons of sites promoting training and classes to become a CEH (Certified Ethical Hacker). All what this is, is just business, people trying to make money out of something that used to be illegal.
Someone once wrote "ethical hackers are the guardians who attempt to break into corporate sites, and once they have managed that and found loopholes, they try to get it repaired". In response, like someone had told me before " you never know when the good guy will turn bad". Companies that hire these people, one question for them, what steps are they taking to ensure the these hacker are acting buy the book. Like the saying goes ' the road to hell, is paved with good intentions". Remember relationships turn sour, even business ones, and it is these guardians that help you build up the defenses they breached, so they still know how to breach it. One thing I have learned is that people like keeping a trump card so the do not get the short stick. So while we are all singing ethical hacker lets remember that everyone has a breaking point. Situations can lead even good people down evil paths. White hat, black hat or gray hat , they are not transparent.
One of the hardest place to police is the web, lets be real people. People have so many identities online these days that is is sometimes hard to catch even inexperienced crooks. Now lets talk about people who have received the training to do this, who know the ins and outs of online and computer security. If an expert hacker is serious they can cover their track and do as they please without being caught. So as far as I am concerned ethical hacking is something that we wish to exist but does not.
http://en.wikipedia.org/wiki/Hacker_(computer_security)
http://en.wikipedia.org/wiki/Identity_theft
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci921117,00.html
No comments:
Post a Comment