Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Businesses Security The Almighty Buck

Should You Hire a Hacker? 237

Posted by CowboyNeal from the old-tricks-or-fresh-starts dept.
fabioj writes "Business Week has an article about today's debate at the RSA Security Conference held at the Moscone Center attended by Kevin Mitnick and his 1995 trial prosecutor, Christopher Painter. Interesting to note that Painter doesn't see Kevin Mitnick's experiences as a deterrent for the 'up-and-coming technology workforce' to criminally hack."
This discussion has been archived. No new comments can be posted.

Should You Hire a Hacker? More

Should You Hire a Hacker?

Comments Filter:

  • dupe (Score:2, Informative)

    by Anonymous Coward
    ....I said...duplicate...

  • Rant Redux (Score:4, Funny)

    by limekiller4 ( 451497 ) on Thursday April 17, 2003 @11:39PM (#5757273) Homepage
    I don't know if I should hire a hacker but I do know that Slashdot should hire a copy editor.

    • Re:Rant Redux (Score:5, Funny)

      by SmartGamer ( 631767 ) <sgamer@@@swbell...net> on Thursday April 17, 2003 @11:42PM (#5757289) Homepage
      I think they do. It seems that all the articles are copied from yesterday.

    • Dupe of Earl (Score:3, Funny)

      by Anonymous Coward
      Dupe Dupe Dupe
      Dupe of Earl
      Dupe Dupe
      Dupe of Earl
      Dupe Dupe
      Dupe of Earl
      Dupe Dupe

      whe-en I-eee waaaalk though this world
      nothin can stop me, I'm the Dupe
      I walk free-eely in my Dupedom
      Cause nothin' can stop me, I'm the dupe of earl.

      Maybe it's not a dupe, maybe it's a Poll Collision?

      Personally, I like dupes... things should be considered more than once. Two closely spaced conversation reveal another dimension, the dimension of time, the fluctuflowations of the think.

      But then, that's because,

      I'm the Dupe of Ea

  • Yawn ..... who cares. (Score:2, Insightful)

    by Anonymous Coward
    Kevin is a criminal.

    It's not any of our fault that he decided to turn to the dark side and hack sun, and many other cell phone vendors. Really.

    Stop giving him so much sympathy. I for one as a honest person am tired of hearing about this frickin criminal! Yes! Criminal!

    • Wrong. (Score:1, Informative)

      by Anonymous Coward
      You're wrong when you say he is a criminal. It would be more correct to say that he did violate some laws in the past. His crimes were relatively minor. He did not, for example, kill anyone. Nor did he injure anyone. Through enormously creative deception, he gained possession of data he wasn't supposed to have. He did not attempt to sell that information or extort money from its original owners. Please, keep some perspective.

      • Re:Wrong. (Score:5, Insightful)

        by jhigh ( 657789 ) on Friday April 18, 2003 @05:43AM (#5758282)
        Breaking the law is breaking the law is breaking the law. While you may not agree with the laws in place, you are assuming a certain amount of responsibility when you break them. I speed all the time, as I'm sure most of us do. When I speed I am well aware of the risk that I may get caught and have to pay a ticket. I weigh the risk against the benefit, and speed to my heart's content.

        Mitnick broke the law. You're right, he didn't kill anyone or molest any small children or anything. But he did break the law, and there are consequences of that. A significant consequence is not being trusted in the infosec industry. The data that is being protected on these networks is just too important to gamble on someone who may or may not have "turned over a new leaf." Especially when there are more than enough excellent professionals with clean records out there.

        I also like the point that allowing Mitnick to work in this industry only encourages the generation coming up now to violate the law. Or, if you think that's a stretch (which I don't), the fact that we can attempt to dissuade the younger generation from becoming black hats by making it clear that there is no place for them in the infosec industry. Whether or not Mitnick or any other black hat is qualified...we should use this opportunity to send a message that crime really doesn't pay (corny, I know).

    • Sounds Like He is Management Material (Score:5, Funny)

      by yintercept ( 517362 ) on Friday April 18, 2003 @12:18AM (#5757447) Homepage Journal
      I for one as a honest person am tired of hearing about this frickin criminal! Yes! Criminal!

      Sounds like this Mitnick guy is management material. Criminal action shows initiative. It shows that he will do what it takes to get ahead.

      Most of our society looks at the criminal as a superior form of being not tied to the conventionalities of the honest man (ie peasant). But there is a big problem with that getting caught thing. If he was a criminal who hadn't been caught...well, there is there is no end to how far he could go in the American corporate structure.

      Who knows, he could have been CEO? I suspect most CEOs have done far worse things than Kevin Mittnick on their back stabbing drives for power. Unfortunately, there is a gentleman's agreement on being caught, tried and covicted.

      Hiring a felon might get people looking closer at what companies actually do, and how the insiders funnel off profits. It would be far too risky to hire the man.

  • Morality, is it absolute? (Score:5, Interesting)

    by The Only Druid ( 587299 ) on Thursday April 17, 2003 @11:40PM (#5757284)
    I know this wont be a popular viewpoint here on slashdot, but perhaps we shouldn't reward people who break laws [by hacking] by giving them a job?

    I dont mean to suggest either that (a) we should ignore a potentially powerful resource, or that (b) all hackers are necessarily immoral. However I personally would be quite upset if I were a security advisor who abstained from illegal activity, and a former hacker was hired to either replace or supervise me.

    Also, from a devil's advocate position, I'm thinking this is akin to the hiring of former insider-traders to work on preventing further cheating. Basically, we're inviting the dog back into the pantry.

    Please dont mod this as a troll, since I'm being serious here.

    • Re:Morality, is it absolute? (Score:5, Insightful)

      by m0rph3us0 ( 549631 ) on Thursday April 17, 2003 @11:46PM (#5757308)
      Idea: Hire the best person for the job. Sometimes that is Kevin Mitnick sometimes that is Theo De Raadt, it depends on whether you need pen testing done or secure software written.

      I was thinking of getting a subscription to see posts early but I realized with the amount of dupes i was already seeing posts days in advance
      • Hire the best person for the job.

        minor rant (pen testing... heheh) anyway, back to the minor rant.

        This drives me nuts. Hire the best person. I hear this a lot in conversations about affirmative action or related judgement questions like this article raises, where one considers adding some "weighted criteria" into the situation.

        The idea of "choose the best for the job" is false. There is no objective determination of this for the vast majority of jobs. You are guessing a persons potential. You are g
      • Re: "Hire the best person for the job"

        As I see it, with every job I've had there were times when I was the best person, and some projects where I wasn't.

        The universally perfect employee doesn't exist, so:
        Should all employees be reduced to 'consultants', without job longevity or benifits, because they won't be best for the job at some point?

        I really wonder. I hear this 'best for the job' argument a lot, and I don't completely get it. Perhaps someone will give me insight.
      • Idea: Hire the best person for the job. Sometimes that is Kevin Mitnick sometimes that is Theo De Raadt, it depends on whether you need pen testing done or secure software written.

        Except when the "best person" is a criminal. You don't hire pedophiles to run a daycare center no matter how good they are with kids. There's a line to be drawn between having skills and using them responsibly and having skills and misusing them. I don't care if you're the greatest "security expert" in the world if I can't tr

        • Except when the "best person" is a criminal. You don't hire pedophiles to run a daycare center no matter how good they are with kids.

          Oh, right, compare Kevin with the kid-fuckers. The thing that separates them from other felons (aside from the nature of their victims) is that they usually have a compulsion to go after kids that is very hard to ignore. Most criminals aren't like this: a convicted bank robber can open a checking account without the urge to rob the bank again.

          Yeah, Kevin did some things

    • Re:Morality, is it absolute? (Score:5, Insightful)

      by Feztaa ( 633745 ) on Thursday April 17, 2003 @11:49PM (#5757325) Homepage
      perhaps we shouldn't reward people who break laws [by hacking] by giving them a job?

      If that person is reformed, why not? They'll have a hard enough time finding a job with a criminal record, at least they should be able to get jobs in areas where they've proven themselves competent.

      Of course, if the person is a repeat offender and they've proven themselves untrustworthy, that's a different can of worms. But if it's just one offence, and they've subsequently cleaned up their act, then what's the problem?

      • Re:Morality, is it absolute? (Score:1, Funny)

        by Anonymous Coward
        They'll have a hard enough time finding a job with a criminal record, at least they should be able to get jobs in areas where they've proven themselves competent.

        Competent? They got caught...

      • Two good points you made:

        If they've served their debt to society, and they appear to have truly reformed, then hiring them is expedient and possibly noble.

        However, Mitnick is an unrepentant repeat offender. I wouldn't let him pay me to look at my computers.
        • If they've served their debt to society, and they appear to have truly reformed, then hiring them is expedient and possibly noble.

          Agreed. They need some kind of job - why shouldn't it be one they are suited for, where they can contribute the most to society by helping prevent or reduce the next generation of crackers' exploits?

          However, Mitnick is an unrepentant repeat offender. I wouldn't let him pay me to look at my computers.

          Also agreed: the "poacher turned gamekeeper" idea works, but only if the po

      • Great point.

        (my expansion)If they are not reformed why release them? If you know that they are going to repeat thier crime then they should not be released.

        If they are released then they have served their time and should no longer be a burden on society. Hence they should have full rights.

        Other wise you are saying that while they are harmfull enough to society to remove for a few years, they are not harmfull enough to keep them from doing it again (so then, why try and keep them from doing it again if it
        • We in the states tend to run in to other limitations on the amount of time non-violent criminals can stay in jail. These limitations many times have to do with money. It is dam expensive to keep a convict behind bars, fed 3 squares, and given his cabel/sat TV. When a prison system has to choose between keeping a rape vs a computer crime offender, they should choose to keep the violent crime and release the other.

          That is why many convicts are released before being reformed. I also tend to believe that k
      • I agree with you mostly but as the devils advocate i would like to ask if you would hire someone convicted of fraud to do your accounting? I dont think i would becuase i would be afraid they would somehow steal from me or whatnot. You would hafta be sure that any hacker you hire wont simply fnie holes and use them for their own purposes. Im not really sure how to judge someone that well i guess.
        • Allow me to point out that released ex-felons are usually (in Federal cases) on supervised release for three to five years..

          In other words, they have a parole officer breathing down their neck just waiting for them to slip.

          What other employee can you hire has a Federal officer backing him up? If the ex-con screws up, all you do is make a phone call and he's back in the joint in an hour. If he couldn't get away from them the first time, what makes you think he'll successfully steal from you and escape pu
      • If the person is truly reformed, yes, but I would suggest that is hard to know for sure, but time helps. If one is in the position of hiring this type of person, I would put in some sort of system of keeping a watchfull eye on this person or risk one's own job in having hired this person if the person only reformed "for show". Even if it's been a decade since the original conviction, there's no way of knowing of the person reformed or learned how not to get caught.

    • Ugh, I don't know about you, but while I definately take into account the criminal history of those I hire, I'm more likely to hire the person with right qualities for the job... even if those qualities come from an illegal activity. You have to remember, the point of a public corp. isn't to obey the law, it is to make a profit.

      • "You have to remember, the point of a public corp. isn't to obey the law, it is to make a profit."

        See, I have to disagree with you there. I think that, (a) All groups, including corporations, are responsible to the law and so they must be concerned about whether or not their employees will be law abiding, and (b) From a purely moral perspective, all groups are responsible to act morally.

    • There are some very unscrupulous people in the IT business who will go to great lengths to conceal their criminal activities, such as painting a legitimate, highly-skilled computer operator a thief after she tries to blow the whistle on them.

    • People change. You gotta believe in people. Give them a second chance to prove themselves. Think "Catch me if you can" (the movie)

      The reformed guy needs to prove himself. But if no one hires him, if no one trusts him enough to employ him, maybe he gets back to breaking the law.

      • And I think here you have hit the nail on the head. At one point in the article they said "It is like the fox guarding the hen house". Well gee are you not being a whee bit judgemental.

        I thought jail was a punishment you paid and after that your debt to society was gone. Or are they saying that you are always marked, because gee whiz that is what it sounded to me!

        Would I then hire Kevin Mitnick? It depends on the scope and the topic. Maybe, maybe not. But I would not let his criminal record stop me.

    • Also, from a devil's advocate position, I'm thinking this is akin to the hiring of former insider-traders to work on preventing further cheating. Basically, we're inviting the dog back into the pantry.

      Yes, by all means don't let people learn from their mistakes, which are often committed in the folly of youth. Are you saying you never got drunk and/or did something stupid as a teenager or while in college? I know I did, and I'd like to consider myself a responsible professional.

      More to the point, the

    • Bad news if the RIAA hired Mitnick to bullet-proof their website.
    • 'Hacking' is such a general term today. Be careful applying a single set of morality traits on people just because they want to be a 'hacker'.

      I think a good comparison would be these 16-20 year old kiddies that modify there cars and drag race at night and on weekends.

      This is illegal in the same sense as 'hacking' is a crime. Actually in some respects I could argue more so. For one the odds of these kids getting busted for racing and fined, or having there license suspended or (god forbid) ending up in j

    • Hacker One Cube Over (Score:5, Insightful)

      by _Sprocket_ ( 42527 ) on Friday April 18, 2003 @01:32AM (#5757670)


      I know this wont be a popular viewpoint here on slashdot, but perhaps we shouldn't reward people who break laws [by hacking] by giving them a job?

      If you (or your workplace) has a technically competent IT department, there is a good chance you already have hired hackers. If you also have a technically competent Infosec department, there's an even better chance. The only difference we're now hashing out is whether you wish to limit yourself to those who were either smart enough, or lucky enough, to never have gotten caught.

      The important issue is not a criminal "hacker" record, but rather the abilities of the individual in question. If they are able to bring a particular skill-set to the table and perform to expectations, then they make a good employee.

      The recent demonizing of "hackers" seems to have little to do with ability or morality. Such laws and legal actions seem to have more to do with publicity. A lawmaker or prosecuting attorney's career should have little to do with your hiring process.

      There are exceptions. If the individual in question committed embezzlement, then they have demonstrated a willingness to victimize their employer (to say the least). Such an individual would be a risk - but then, that has little to do with a "hacking" conviction.

      The other extreme is seeking to hire those with criminal convictions. This is perhaps a better example of "reward[ing] people who break laws." A computer crime conviction does little to prove one's skill-set. Again - it proves one was either stupid or unlucky. Or upset the wrong people. It doesn't prove that one would be able to deliver as a consultant or IT team member.

      One final note - the old days of hacking seem to be passing. Hacking, no matter your definition, has always been about learning a system. Back in the old days, the only way one could gain more time/access to a system was to learn how to manipulate the system and provide it oneself. Without permission, if need be.

      These days, one can create a functionally similar environment to most of what one would find in corporate and Government network at home using cheap, old hardware and free software. The need... and the excuse... to attack remote systems to gain the access needed to learn is fast fading. Of course, that doesn't take in to account proprietary hardware and software. But then it becomes a question of the risk being caught versus the lure of such systems. But then - if you learn enough and build a career, you'll get access to those systems legally.
      • If you (or your workplace) has a technically competent IT department, there is a good chance you already have hired hackers. If you also have a technically competent Infosec department, there's an even better chance. The only difference we're now hashing out is whether you wish to limit yourself to those who were either smart enough, or lucky enough, to never have gotten caught.

        Why restrict this to hacking crimes? How many people in the cubicles sitting next to you have done some cocaine at some time?

    • I sincerily disagree. (Score:2, Interesting)

      by Anonymous Coward
      I disagree in the bounds of your phylosophy, because it is the negative energy in this world that highlights the positive energy that counterbalances the environment. In a world of computer security, Kevin Mitnick is a mere pawn. Kevin has been there, he has wandered around the 'negative' side of computer security. Reluctantly, I confess much of modern security is attributed to the 'negative' side of science. It's the ever-so-encroachments on our communication that provides jobs to make the communicatio
    • ...perhaps we shouldn't reward people who break laws [by hacking] by giving them a job?

      So you would propose that ex-felons be reduced to begging by the roadside? Or maybe locking them up for the rest of their natural life (why not? the US has the world's largest prison population right now)? Or maybe just execute them (the US has the 3rd highest number of executions per year, after those shining beacons of democracy, the People's Republic of China and Iran)?

      The ex-felon with a job does not bother me

  • Wha? Repeat? (Score:2, Funny)

    by Anonymous Coward
    Either this is the same story from earlier today.. or I'm like that dude who made all that cash in the stock market

  • Repeat (Score:2, Funny)

    by dannyweb ( 321535 )
    What makes the whole repeat-ness of this story even worse is that there is a vote about it up right now!

  • Not really a repeat... but kinda (Score:4, Funny)

    by poppen_fresh ( 65995 ) on Thursday April 17, 2003 @11:44PM (#5757298)
    This isn't a repeat of the earlier /. post. That one linked to security focus and this one links to business week. But the business week article is just a reprint of the security focus article...

  • Would you hire an ex-spammer? (Score:2, Interesting)

    by Anonymous Coward
    Would you hire a reformed ex-spammer to advise you on how to secure your mail system?

    Would you pay a reformed ex-spammer to give a presentation at your company about mail system security?

    Would you trust a convicted spammer if they've said that they are, indeed, reformed?

    My personal answers: no; yes; and probably not.
  • ...the hacker could just steal an identity and get hired otherwise.
  • Isn't Kevin's site http://www.defensivethinking.com/ [defensivethinking.com]? It doesn't seem to be up. Did it get hacked yet again?
  • We already have enough liberal arts majors serving fries.

  • Sure, I'd hire a hacker (Score:3, Informative)

    by MarkusQ ( 450076 ) on Thursday April 17, 2003 @11:55PM (#5757356) Journal

    Sure, I'd hire a hacker. I don't think I'd want a Bad Guy or a Cracker or a Warz D00d or a Script Kid, but a hacker, sure, why not?

    After all, I've got a fair amount of crufty lisp code that needs to be tweeked but have yet to meet anyone I'd trust with u+w. (Or rather, anyone I could afford...aye, there's the rub).

    -- MarkusQ

    P.S. For the ellusive final point, you have to figure out what the duck is for.

    • [Soapbox]
      Ya know, the media and world has warped the word "hacker" into a bad word referring to a person that breaks into computers for nefarious activities. The IT community knows a hacker as someone skilled in computers that comes up with a "hack" as a clever way to accomplish a desired task (not illegal). But really, why can't we just let the world have the word "hacker" and just come up with another title. Because when it comes down to titles, who is really going to go around calling themselves a ha

      • Because we need to fight the media's power to warp name-of-group to name-of-evil-group at whim. We are not the first, nor the last group to whom this was done. If we all change to distance ourselves from the Bad Guys it appears that we were "harbouring" them and we all know what that leads to. If they succeed in equating Muslim with Terorist, should the vast majority of peaceful Muslims have to change the name of their faith to avoid the taint? Where does it stop?

        Changing the language to accomodate /

  • Ethical Dilemma (Score:3, Funny)

    by DASHSL0T ( 634167 ) on Thursday April 17, 2003 @11:55PM (#5757357) Homepage
    If I re-post all the +5 comments on this issue from the previous article, am I more or less honest than a convicted cracker? And if it works, and my karma goes through the roof, can I ever be reformed from karma-whoring or will I forver be branded the cut-and-paste king?
    • If I re-post all the +5 comments on this issue from the previous article, am I more or less honest than a convicted cracker?

      No, you'll be a DMCA violator.

  • Editors-That-Don't-Give-a-Crap Dept. (Score:3, Interesting)

    by SuperBanana ( 662181 ) on Thursday April 17, 2003 @11:56PM (#5757361)
    from the old-tricks-or-fresh-starts dept.

    More like "I-should-stick-to-being-in-every-poll-so-I-dont-p ost-dupes dept."

    I am getting VERY tired of the dupes. Seriously- I WANT an answer to this question from one of the Slashdot editors: how hard is it for you people to actually READ(gasp! What a concept!) the site you approve stories for? HUH? How about a new rule: "If you don't read the site, you DON'T APPROVE STORIES."

    For a long time you guys have given the impression that you just don't give a shit anymore. One clear message was when you guys spun off that "meetup.com" thing, encouraged us all to participate in "slashdot day", and then you guys fuckin' didn't even SHOW UP because you had "other plans". What gives? It was, in fact, one of the first things we talked about at our local slashdot meeting.

    If you don't care, here's a clue: find someone who DOES, and hand the site over to them, or just pick some new editors. If you do care, tell us what you're going to do to fix the problem- I'm sure, being the incredibly bright and talented people, that you can think of SOMETHING.

    Oh, and while you're at it, add a "Mitnick" category, so all of us, who DON'T GIVE A CRAP ABOUT MITNICK, can filter out the stories.

    • You know, the only thing worse than Slashdot posting dupes is eighty users posting "OMGZ I HATE TEHSE DUPES TEHY R SICH TEH FAGORT PLS SLAHSODT STOP POSTING THESE DUPES U STUPID FAGNARDS THX" every time it happens. Dupe posts are just as bad as dupe articles, so kindly shut up, suh.

      That is all.

    • I'll second the Mitnick bit. I can't figure out why people are so interested in Mitnick. He's a not particularly technically talented person, and he was dumb enough to persistently go after the wrong people and get caught.
    • You're probably not going to get an answer, because the editors seem to take a very adversarial relationship with their readers. Criticism of any kind is usually met with hostility, smug condescension, or indifference (sometimes all three). They laugh and giggle and snicker when people like you get pissed off at them, then later do it whatever it was again on purpose just to get another rise out of you.

      Biting the hand that feeds them, and failing to take pride in their work. A winning combination!

    • Indeed. I think it's pretty obvious that Slashdot has gone in the crapper when dupes are a daily occurance, and obviously innacurate (and weeks old) stories like "timetraveler busted for insider trading" gets posted as if it's truth.

      Slashdot desperately needs somewhere to discuss problems about itself. The editors have this "it's your sight" attitude, but then don't listen when just about everyone screams about the major problems. For lack of a better place to discuss problems, and solutions, I elect an
      • 1. There have *always* been Dupes - though they increased a little when Slashdot got a few more editors several years ago. The people who complain about it happening "recently" are usually people who also just joined "recently". Perhaps the increasing population of whiners is the real reason for "decline" - much like the internet's general decline as more people showed up who have never even heard of "netiquette". :(

        2. Newspapers and magazines frequently use sensational headlines to increase readership -
        • 1. I've been reading slashdot for at least 3-4 years, and the dupes have noticeably increased in the past year or so.

          2. Yes, newspapers and magazines often have sensational headlines. That's not really an excuse, since they all don't resort to that kind of crap. I don't think slashdot becoming the equivalant of Fox is a Good Thing.

          3. Yah, every article has a "slashdot sucks" thread, but since it's down at -1 no one reads it or replies to it, so it tends to be a bad discussion. Hell, even magazines publ
    • How hard is it to automate the procedure ? pattern matching with stories of the previous day ? dupe links, dupe key words, it's easy stuff. It's just a script, come on /. guys!!!
    • You know, if you don't like slashdot anymore, why not leave?
  • I noticed these hacks of reporters posting articles to /. didn't use the word 'crackers'.
    I guess all the (+2, Funny) white-jokes got old...
    The Triscuit and Ritz references, too.
  • But you better believe I would keep an eye on his work. You know what else though? I would provide him great benefits, pay and comps. I would rather he wanted to make damn sure he didn't lose this job.

  • Indeedy Do (Score:2, Interesting)

    by Whigh ( 663324 )
    The point of this is that a cracker (malicious hacker, I think I saw the correct usage once above) has decided to turn his skills to some use and make money off of it instead of goofing off for free. Go ahead and hire them, they're probably cheaper than SecSpecs anyway.
    Of course, if you're hiring 'hackers' (check the def at The New Hacker's Jargon Lexicon [drbbs.com] about halfway down the page) you should be getting people who know your system, or have a specialty in such a type of system and give it a once over.
    Unl
  • Most companies have a policy against hiring people with a criminal record, for good reason.

    Unless your business is involved in actively testing security, it is doubtful you need to look into excons to get the talent you need.

    • Most companies have a policy against hiring people with a criminal record

      Is that even legal? Most places I've interviewed want to know if I have a record (I don't), and they all use the same boilerplate about how a record won't automatically disqualify me ..., so wouldn't shitcanning someone for having a record constitute fraud? It's certainly not socially responsible.

  • dupe! (Score:1, Redundant)

    by minus_273 ( 174041 )
    nuff said
    • Why is it that people complain about Slashdot editors not reading the site, and then show that they themselves also pay no attention by being the 80th person to say "dupe"?
  • I can recycle content too!

    I don't think most hackers hack because they like crime. They like a challenge. The want a way to test their intellectual arsenal against others.

    In a way, I guess you could look at hacking the first multi-player online game. It was the first way to pit yourself against a real human opponent online (aside from checkers and chess on Prodigy back in the 80's I guess :) )

    The hackers play the "side" of the hackers because that is the side that's most available. If you give them a job
  • Is this CowboyNeal's first dupe? Maybe Taco is posting has him...
  • Sure it's ok to hire ex-cons, just as long as they give the non-ex-cons a shot too (non-ex-cons != cons). When it comes down to it, I need a job too, and I haven't been to prison. So that should count for something right?
  • No.
  • Wasn't this posted earlier today? [slashdot.org]
  • Should You Hire a Hacker?
    Or a broker and a backer?
    Or a smoker and a slacker?
    Or a joker and a cracker?

    Should you want a woobie?
    Or a wetnurse and a derby?
    Or a boxer and a birdie?
    Or a butler and a thursbey?

    Should you?

    Should you hire a hacker,
    not a broker nor a backer,
    you may find out that your cracker,
    has just left town with your slacker.

    Should you hire a hacker...should you?

  • Basically, yes (Score:5, Insightful)

    by Quixote ( 154172 ) on Friday April 18, 2003 @12:23AM (#5757476) Homepage Journal
    There's a basic tenet of the criminal justice system: once you have paid your debt to society by serving out your sentence, you should be free to go about your life as normal. There are a couple of exceptions (like sex offenders and child moleters, but they are exceptions probably because deep down inside they can't change the hardware that causes them to behave thusly).

    "Hackers" (I do not like that term, hence the quotes) who have served their time should be allowed to go about their lives as other folks. Why should society continue to punish them forever?

    Case in point: Anderson Consulting. Does anyone think what Mitnick did was any worse than what AC did with Enron (and other companies)? And yet the employees of AC continue on with their lives; a couple might be indicted and there's a slim chance that they might serve a sentence; but they'll be hired right back when it all blows over.

    Another case in point: the Wallstreet brokers who indulge in insider trading, etc. Only Milken was ever banned from trading, and thats because he stole billions (heck, he paid a $600 Million fine!).

    Why are the folks in the IT industry so hellbent on teaching Mitnick a lesson even after he has served his time? Why doesn't someone big have the cojones to say "enough is enough! leave the guy alone.". Why are we still debating this question, of whether he should be hired as a consultant or not?

    It just irritates me to see us try to set so high a standard for ourselves, for no reason.

    • There is a difference in the public perception and judicial treatment of white collar vs "law and order" type crimes. Its another one of these issues that very conveniantly bisects the old predjucides like Rich/Poor, White/Black, Educated/Non-Educated.

      Crimes like insider trading, or insurance fraud are also in the category "alright unless you get caught", I'm sure these people don't feel guilt about it. Tthey are considered victimless crimes. At least there is no direct victim, only indirect through hi
    • There's a basic tenet of the criminal justice system: once you have paid your debt to society by serving out your sentence, you should be free to go about your life as normal. There are a couple of exceptions (like sex offenders and child moleters, but they are exceptions probably because deep down inside they can't change the hardware that causes them to behave thusly).

      The criminal justice system is irrelavent - all that matters is what the person did. If a person gets off because a technicality, I wil

    • Another case in point: the Wallstreet brokers who indulge in insider trading, etc. Only Milken was ever banned from trading, and thats because he stole billions (heck, he paid a $600 Million fine!).

      Why are the folks in the IT industry so hellbent on teaching Mitnick a lesson even after he has served his time? Why doesn't someone big have the cojones to say "enough is enough! leave the guy alone.". Why are we still debating this question, of whether he should be hired as a consultant or not?

      Fact: Milken

  • Isn't the subscription from the "mysterious future" supposed to allow for some of this? Aren't the subscribers seeing these things before they make it to the front page? Are they just letting them go to copy the +5 posts from the previous and whore karma?

  • Yes & No (Score:2, Insightful)

    by The Jonas ( 623192 )
    Yes, because:
    1. You get all of THEIR personal info such as name, address, SS#, etc...
    2. You can make them sign non-disclosures and other legal forms, compulsory direct-deposit personal banking info., insurance forms, etc...
    3. You can make them dependent on YOU for food, clothing, shelter, etc...

    NO, because:
    1. You MAY have to fire them, in which case a pissed_off, unemployed hacker will probably no longer give a rat's_ass about the non-disclosures, legal stuff, etc... and you can guess what will p

  • Very curious (Score:3, Interesting)

    by arvindn ( 542080 ) on Friday April 18, 2003 @01:01AM (#5757578) Homepage Journal
    The current poll [slashdot.org] about whether or not to hire hackers has "sure" running away with half of the vote while "no way" has barely managed to reach double figures. However, the collective opinion of the comments in the previous story [slashdot.org] (this one's a dupe, if you haven't figured out already) seems to be heavily against hiring Kevin. Too early to say anything about how this one will turn out.

    Gotta wonder...

  • Should be titled... (Score:3, Interesting)

    by miketang16 ( 585602 ) on Friday April 18, 2003 @01:12AM (#5757615) Journal
    Can you afford NOT to hire a hacker?
  • and by hire I mean kidnapp them, fake there deathes, then make them work for me in my secret underground base as I take over the WORLD!!!

    MUAAHAHAhahahahah...

  • Well why not? (Score:4, Funny)

    by MillionthMonkey ( 240664 ) on Friday April 18, 2003 @01:31AM (#5757667)
    I find this entire debate to be more than a bit ironic. Didn't we just see [slashdot.org] a former DoubleClick executive get hired to be the first ever privacy czar for the Department of Homeland Security?

    And they're worrying about Mitnick!

  • The critical flaw in the thinking of establishment dweebs like Painter and Winkler is that they assume that security experts who are lawful are also skill- and knowledge-equivalent to a criminal or professional hacker, even a benign or hobby hacker.

    How do you know your code's broke unless you try to break it? Breaking software is a good way to test it -- since real-world operations are what the software will experience normally -- hence hacking systems is the capstone on the surety that your systems are
  • From New Architect's February issue [newarchitectmag.com]. Also discusses so-called "ethical hacking services" that all the big data services players offer.
  • Hiring a hacker for security, isn't that a bit like putting a former DoubleClick exec in charge of privacy issues? [slashdot.org]
  • Breaking into a computer is easy, Winkler continued. Closing up security holes is the more difficult task -- a skill most hackers lack, he argued.

    Winkler obviously has no clue how the entire software industry works. The absolutely most difficult part about working with bugs and security holes is FINDING THEM!!! Thats the skill hacker and crackers have. Once you find the problem, and you can easily replicate it, fixing it is pretty damn easy.

    What's more, its not the security experts job to fix the bug,
  • The facts are this, no company can afford to pay someone to 100% lockdown everything nor could they function with everything 100% locked down. There will be things that the security expert will say you should do but you won't want done for either cost or convinience. With the wrong person this can hurt you in two ways.

    1) The hacker get pissed that you didn't head the warning (and pay his fee) and will keep the info around for later or trade it with other black hats.

    2) The hacker will be in a group of the
  • and deny them the ability to make a decent honest living, where's their incentive to behave?

    If the person shows good solid evidence of being reformed, I don't see what the problem is. If they got caught once, they certainly no longer feel invincible. They know the consequences and the ease of getting caught more than Joe Random.

    With slightly different role models and peer pressure in jr.high/early high school, I could definately see myself getting into lots of mischeif just for the curiosity of the thin

  • Should a company hire a hacker? To me, this is akin to the question, should a company hire radical union activists? A corporation is an entity whose purpose is profit - which the people who run them will be the first to admit. The profit goes to the shareholders, which if one looks at the data, are very largely very wealthy, and whom the most common means of acquiring wealth being inheritance. These people hire people to act out their commands (the white collar management), as well as hire people to cre

Slashdot Top Deals

"...a most excellent barbarian ... Genghis Kahn!" -- _Bill And Ted's Excellent Adventure_

Close