The problem of hiring hackers is the same as hiring consultants. There are a
lot of them. The problem of getting a hacker is even worse. A consultant can
show references which can be checked. A very good hacker will not show his
identity and will not be discovered. How do you have the proof, that you hire
a really good hacker and not just a bragger?
It is something like: why do elephants have blue eyes? That they can hide
themselves on a plumtree. Have you ever seen an elephant on a plumtree? No?!
See how good they can hide themselves on a plumtree!
May beit is a bad translation, but I hope you will get the sense.
Alyea <[EMAIL PROTECTED]> writes:
>
> I agree with Peter - I don't see a problem with HIRING "hackers." The
> problem is when you open a contest to anyone who's interested, there are
> no contractual agreements and prosecuting for inappropriate access
> becomes exponentially more difficult.
>
> To carry the idea further, the only REAL security assessment you are
> going to get is going to be from a "hacker" (and this may require a
> definition of a hacker), not someone who has read alot of books.
... snip ...
> > [Kunz, Peter] And how do you make sure oyu have the right person
> > with the proper experience?
> >
> > cu
> > -pete
have fun ...
--
=========================================================================
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
Internet Security Services Fax ++41 52 620 26 54
CH-8200 Schaffhausen http://www.bruderer-research.com
=========================================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
