Sunday, December 12, 2004
Are you a virus writer? Don't despair!!
Benny, one of my favorites (!?) from 29A has got a day job. He was hired by Zoner Antivirus team (Czhech). This has become such an issue, which I don't understand at all. The argument against hiring virii coders is that the employers will lose credibility as their software is developed by an ex-malicious code developer. WTH? We have a saying in my country, which, to paraphrase, says "Only a thief can *find* another thief"...True, isn't it? An ex-virii coder knows the tricks of the trade, he understands how his former-peers think, how they try to find vulnerabilities and how their polymorphic engines tick! This is crucial information, IMO.
If a security firm is not hiring a seasoned hacker, it is akin to a country's intelligence agency refusing information from an opponent's intelligence agent! Antivirus companies say that the skills needed for writing security software is completely different from that needed for writing malicious code. This may be true in some cases, but I cannot accept the statement as such. C'mon, if I know how to exploit a vulnerability, surely you can make use of that knowledge to fix that vulnerability, in the first place, right?? You write your software, give it to the fellow, whose job is to crack it somehow....He will be pretty effective at it than a 10 man testing team & a Quality assurance expert!! It all boils down to how you make use of the talent, IMHO. Anyhow, congrats & all the best, Benny!
If a security firm is not hiring a seasoned hacker, it is akin to a country's intelligence agency refusing information from an opponent's intelligence agent! Antivirus companies say that the skills needed for writing security software is completely different from that needed for writing malicious code. This may be true in some cases, but I cannot accept the statement as such. C'mon, if I know how to exploit a vulnerability, surely you can make use of that knowledge to fix that vulnerability, in the first place, right?? You write your software, give it to the fellow, whose job is to crack it somehow....He will be pretty effective at it than a 10 man testing team & a Quality assurance expert!! It all boils down to how you make use of the talent, IMHO. Anyhow, congrats & all the best, Benny!
Comments:
<< Home
The "patzer" part is there as I wanted to talk abt Chess here...but nowadays most of the chess-talk is restricted to my Tamil Blog @ http://chathurangam.blogspot.com. If it is "mettupatti", thats where my ancestors are from :)
oh interesting........dont temme one of those tambram s/w pro banging his head against the comp terminal ;)
Post a Comment
<< Home
|