Looks like he rewrote it and clarified what he meant to say. I think this is a lesson on why you really should proofread stuff and ask someone else to go over your writings before you publish something.
On Mon, May 3, 2010 at 5:44 PM, Sec News <[email protected]> wrote: > Did anyone else see this? > > http://blog.eeye.com/vulnerability-management/penetration-tools-can-be-weapons-in-the-wrong-hands > """ > Penetration Tools Can Be Weapons in the Wrong Hands > Author: Morey Haber Date: May 3rd, 2010 Categories: Network Security, > Vulnerability Management > > After a lifetime in the vulnerability assessment field, I’ve come to look at > penetration testing almost as a kind of crime, or at least a misdemeanor. > > We enjoy freedom of speech, even if it breaks the law or license agreements. > Websites cover techniques for jailbreaking iPhones even though it clearly > violates the EULA for Apples devices. Penetration tools clearly allow the > breaking and entering of systems to prove that vulnerabilities are real, but > clearly could be used maliciously to break the law. > > Making these tools readily available is like encouraging people to play with > fireworks. Too bold of a statement? I think not. Fireworks can make a > spectacular show, but they can also be abused and cause serious damage. In > most states, only people licensed and trained are permitted to set off > fireworks. > > Now consider a pen test tool. In its open form, on the Internet, everyone > and anyone can use it to test their systems, but in the wrong hands, for > free, it can be used to break into systems and cause disruption, steal > information, or cause even more permanent types of harm. > > How many people remember the 80’s TV show Max Headroom? Next to murder, the > most severe crime was if users illegally used information technology systems > to steal information or make money. There was tons of security around these > systems and even possession of tools to penetrate a system was a crime too. > So what’s the difference? > > Yes, it is just a TV show but in reality today we are in effect putting > weapons in people’s hands, not tracking them, and allowing them to use them > near anonymously to perform crimes or learn how to perform more > sophisticated attacks. It all comes back to the first amendment and Freedom > of Speech. I can write a blog of this nature, state my opinion about how I > feel about free penetration testing tools, and assure everyone that they > need defenses to protect their systems, since free weapons are available > that can break into your systems – easily. > """ > WOW - am i the only one to go WTF to this? Talk about alienating your > customers and shitting where you eat. > And to think i used to be a fan... > - Some anonymous ex-eEye fan > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
