What keeps a good security guy from turning to the dark side

I’m reading the excellent Blackhatonomics right now. And one thing I read in it reminded me of a question that someone asked me last year. I was probably the third or fourth guy with an advanced security certification he’d met, and he asked me one day what it is that keeps us from turning criminal.

I said, “Well, for one thing, good guys have much longer careers.”

I didn’t cite a specific example, but Blackhatonomics cited the case of Albert Gonzalez, the infamous hacker convicted of breaking into TJX, Dave & Buster’s, and others. His crime spree, which ended when he was captured in 2008, netted him $2.98 million.

He was convicted in 2010, and had to give back what was left of his fortune, and now is serving 20 years in a minimum-security prison.

I like my approach better. Read more

CPE opportunity: Exploding the Phone

This week Cnet interviewed Phil Lapsley, the author of Exploding the Phone, a book about the early history of phone phreaking.

Phone phreaking is absolutely fair game for the CISSP exam. I couldn’t tell you anymore how many phone phreaking questions I had to answer, but let me just say I’m glad I’d read those pages in the CBK about phone phreaking.

Read more

WordPress Appliance - Powered by TurnKey Linux