[ISN] The Fruit of the Poisoned Tree

From: InfoSec News <alerts_at_private>
Date: Thu, 3 Dec 2009 00:42:48 -0600 (CST)
http://www.networkworld.com/news/2009/113009-criminal-hackers.html

By M. E. Kabay 
Network World 
12/02/2009 

Should we hire criminal hackers as security experts? This is the second 
of a two-part attack on the idea from a 1995 debate in which I 
participated.

* * *

On a broader scale, consider the message you would be giving some 
thirteen year old proto-hacker. These kids, like most kids, are 
tremendously susceptible to peer pressure. They already find criminal 
hacking attractive because it's viewed as today's counter-culture -- 
something fairly harmless (compared with, say, dealing drugs) but 
exciting because it's illegal. Now imagine that the older creeps can 
announce that they've just been hired by The Man (i.e., authority 
figures) to work in counter-intelligence, snooping in foreign companies' 
files for money (you don't imagine they'd keep it quiet, do you?) -- Oh 
man -- not only is criminal hacking glittering with the allure of the 
forbidden now, but you can hope to earn money with it from the 
government!

The children and emotionally-arrested adolescents involved in criminal 
hacking already have a love/hate attitude towards The Man. Many of them 
claim that they'd like to work for security firms when (if) they grow 
up. This myth that criminal hacking is a reasonable basis for work in 
security would become even more pernicious if it were known that more 
hackers had in fact been solicited and used by government or corporate 
organizations. Using such people would reinforce the attractiveness of 
criminality.

Consider the outcry if the military in a democracy actively solicited 
murderers to be soldiers. The great challenge of military training is to 
temper savagery with honor; to provide a moral framework within which 
war is viewed as undesirable, killing as regrettable. A soldier who lies 
is a stain on his unit's honor. A soldier who steals is a wretch who 
deserves expulsion. And a soldier who breaks his word is a traitor to 
his country. And so how shall we deal with people whose entire way of 
life is to lie and to steal and to cheat?

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Wed Dec 02 2009 - 22:42:48 PST

This archive was generated by hypermail 2.2.0 : Wed Dec 02 2009 - 22:50:00 PST