With much of the news surrounding L0pht with hacker, Mudge aka Peter Zastko, including
the White House security summit, it seems to praise their gray hat model.
�L0pht members describe themselves as "gray hats," on the edge between good and evil
hackers. Besides selling security software, they broke into corporate systems and
alerted the firms to weaknesses.�
http://www.usatoday.com/life/cyber/tech/cth071.htm
�More damning is that L0pht has also gone on record as saying that "governments and
multinational corporations are detrimental to the personal liberties on the Internet."
On the other hand, L0pht's new company, called @Stake, is a specialized professional
services company that will provide a full range of security solutions for the
e-commerce operations of global clients.�
http://www.zdnet.com/enterprise/stories/security/news/0,7922,2420340,00.html
�Back Orifice is a windows trojan developed by the cDc ...The correlation? The Deth
Vegetable, as well as several other Cult Of The Dead Cow Members (including Mudge and
DilDog) are also members of L0pht Heavy Industries (according to membership lists
posted on both cultdeadcow.com and l0pht.com).�
"As far as I'm concerned, an ethical problem would exist in people doing security work
that are also releasing tools useful to hackers, and if that's the case, its l0pht's
problem, not ours." NFR's CEO Marcus J. Ranum told AntiOnline...
http://www.antionline.com/cgi-bin/News?type=antionline&date=05-03-1999&story=l0pht.news
1. Is there an ethical issue with L0pht members developing Back Orifice 2000, the
infamous backdoor, and then profit from a solution that protects against it?
2. With L0pht�s known views on government and corporations, does it make sense
for them to act as main counsel for the White House?
3. Is there an issue with gray hat hackers that break into systems that are then
employed as the protectors of those systems?
4. Are gray hats preferred for securing a firewall than a good security
consultant?
5. Does elevating these gray hat hackers as role models encourage young kids to
break the law in an effort to become like L0pht?
6. Should the press and media be glorifying the gray hat model?
With L0pht, developing exploit tools, raising $10 million from venture capitalist for
their new start-up company, should Mixter, the developer of distributed denial of
service (DDOS) exploit tools, go raise money as well? If they can get Coolio,
Mafiaboy, and Mixter together, they might want to borrow Lopht�s business plan.
Thanks,
-- JA
Jeff Andrews,
Senior Security Engineer
_____________________________________________________________
GET YOUR 6MB SUPER LARGE EMAIL ACCOUNT @ http://www.watchmail.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
