SC Magazine: Don’t hire hackers, warns professor
Being a CISSP, I place a certain amount of value in the ethics of security practitioners and have agreed to follow a well defined Code of Ethics. In the same manner, someone who is portraying themselves as a hacker is also saying they subscribe to a certain ethical framework. Do you really want to hire someone who consciously identifies themselves with that morality?
That being said, under the right circumstances, I might give a ‘reformed hacker’ a chance at a job in security. Everyone has made mistakes in their past (yes, even me :-)), and someone who is making a real effort at betttering themselves deserves a second chance. I’d be much more careful about giving that person much system control, but I’d be willing to give them a second chance, under the right circumstances.
I realize that the word ‘hacker’ has a tremendous amount of connotations in popular culture today, many of which are counter to the original meaning. But the meanings currently in use by the general populace probably have more bearing than the original meaning. And that meaning includes the will to perform malicious acts on computers.
I just got back from the Net Optics Think Tank, and it was well worth the 200 mile (round trip) drive. The folks from Net Optics spent most of the morning telling us about some things they are going to potentially be adding to their product line, and asking for input and feedback on their ideas. The afternoon session was given by Richard Bejtlich, author of ‘The Tao of Network Security Monitoring’. Mr. Bejtlich was the main reason I went in the first place, but all things considered, I think the morning session was more productive.
The Net Optics folks are serious about getting feedback from their customers. They took notes, took videos, and pictures, and then made sure to sit with us during the lunch break to get even more feedback. I sat with their Chairman of the Board, Eldad Matityahu, during lunch, and he was intent on listening to what everyone at the table had to say. And we had a lot to say. Net Optics has several interesting ideas coming down the pipeline. I figure it’s up to them to disclose the new products, but one idea I liked was adding a second tap port to several of their existing products. This would allow you to have your IDS solution permanantly wired into the tap, and then attach a protocol analyzer or sniffer when the need arises, without removing the IDS.
Richard Bejtlich is a good speaker and a pretty nice guy to boot. He’s got a few new books in the pipeline, one on forensics with several other authors, and another book on ‘Extrusion Detection’ or monitoring traffic as it leaves the network in order to find compromised boxes. I have no idea when either one will be coming out, but hopefully before the end of the year. He is also starting to offer week long classes on network security monitoring, which I’d love to attend, but between airfare and the class price, it’s just a little out of my price range. If you don’t already have ‘The Tao of Network Security Monitoring’, pick it up. It’s well worth the price.
By the way, they were filming most of the presentation, and asked some of us to answer some questions while on film. I hope for your sake and mine that the pictures of me never see the light of day!