Interview with a blackhat

Khannie · 25-08-2015 01:02PM #1

Interesting read:

https://blog.whitehatsec.com/interview-with-a-blackhat-part-1/

Keyzer · 26-08-2015 10:20AM

Fascinating stuff, really interesting.

Kinda makes me feel the majority of the info sec field is a waste of time and money. Seems like the general theme to most of these attack vectors are down to lack of skills, naivety and stupidity (various combos).

I've said it before to clients, you can put all these controls and technology (which from reading this article are generally useless anyway against a skilled external attacker) in place but if you leave your front door open then you might as well not bother.

anvilfour · 26-08-2015 10:55AM

Keyzer wrote: »

Fascinating stuff, really interesting.

Kinda makes me feel the majority of the info sec field is a waste of time and money. Seems like the general theme to most of these attack vectors are down to lack of skills, naivety and stupidity (various combos).

I've said it before to clients, you can put all these controls and technology (which from reading this article are generally useless anyway against a skilled external attacker) in place but if you leave your front door open then you might as well not bother.

In fairness he does say that there are some basic precautions sysadmins can and don't take!

Keyzer · 26-08-2015 11:07AM

anvilfour wrote: »

In fairness he does say that there are some basic precautions sysadmins can and don't take!

Which, for the most part, aren't considered or implemented due to a lack of skills, naivety and stupidity as I mentioned.

Interview with a blackhat

Comments