Forwarded from: Richard Forno <rfornoat_private> Cc: akindofmagickat_private So what if this kid wrote a book that was picked up by a major publishing house? Booksmarts and academic knowledge are NO substitute for wisdom gained through experience and time. As Ferrel said earlier, this kid's precocious and has a few things going for him. If he was common-sense smart (not just book smart) he'd finish formal schooling and get a job somewhere with his 'hobby' of security research on the side. If he plays his cards right, he'll have a very enjoyable career once he isn't perceived as 'just another kid' that got a lucky break or two. That being said - and I've not checked his book out or anything - I wish him well.....I've encountered many teenagers that I'd trust in positions of responsibility, but only after they've 'done their time' in school and have a real-world appreciation of the workplace and corporate environments. The foreign national / IT security issue is a years-old one going back to the hysteria before Y2K....do we allow someone that's untrusted, uncleared, and from a foreign land have access to our electronic crown jewels? From a security perspective, If any entity of the USG is so desparate that it hires a security consultant that's still learning the ways of the world, and does so from a foreign country - especially in today's alleged 'heightened security' environment, that does not speak well for the judgement of that USG entity, and probably goes against some provision of one of the new anti-terror or security laws/regulations that's out there, and the risks/costs outweigh the benefits. True, a consultant may be cheaper, but if you continue sacrificing security for convienience (or cost) we're never going to get out of this security quagmire we're in. I'm not against teenagers doing consulting, I just find this particular situation a little strange as far as the USG is concerned, assuming they actually hired this kid. rf infowarrior.org > From: InfoSec News <isnat_private> > Reply-To: InfoSec News <isnat_private> > Date: Mon, 22 Apr 2002 04:03:15 -0500 (CDT) > To: isnat_private > Subject: RE: [ISN] Indian hacker turns cyber cop > > From: Sheri Moreau <akindofmagickat_private> > > [Is the U.S. Govt that hard up for consultants that its hiring > 16 year old former defacers to work as intelligence consultants > in information security? - WK] > > William, > > Not to pick any bones, but.. it's a lot cheaper to hire a consultant > in India to work in India than it is to hire an American and get him > to go live in India... it amazed me when I worked in Silicon Valley > just how many companies are jobbing out work over there cuz it's so > cheap (and soooo insecure!!). Without knowing any more than what the > article said, this kid seems to have done one defacement two years ago > (forgiveable for a 14 year old), admitted it concurrently with the > defacement and suggested the defaced site improve their security, and > then written a book that MACMILLAN for heaven's sake, saw fit to > publish a year later. > > The un-named "US Government agency" he works for could be any civilian > agency with a contract to the US government, ya know... the moniker is > often a matter of semantics when it comes to the media. Could be > Lockheed or Intel or anyone... - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Apr 23 2002 - 02:43:23 PDT