Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Path From Hacker To Security Consultant

Posted by Soulskill on from the curiosity-killed-the-cracker dept.

CNet has a series of interviews with former hackers who ran afoul of the law in their youth, but later turned their skills toward a profession in security consulting. Adrian Lamo discusses taking "normal every day information resources and [arranging] them in improbable ways," describing a time when he broke into Excite@Home's system and ended up answering help desk questions from their users. Kevin Mitnick, famous for gaining access to many high-profile systems, warns today's young hackers not to follow in his footsteps, saying, "A lot of pen testers today have done unethical things in their past during their learning process, especially the older ones because there was no opportunity to learn about security. Back in the '70s and '80s, it was all self-taught. So a lot of the old-school hackers really learned on other people's systems. And at the time, I couldn't even afford my own computer." Mark Abene explains how he got interested in phone phreaking, and how it led to a prison term and a career in computer security. Like Mitnick, he says that easy access to powerful modern computers removes part of the motivation for breaking into other systems.

4 of 96 comments (clear)

  1. Crackers, not hackers by Anonymous Coward · · Score: 0, Informative

    I'm disappointed, Slashdot editor. Everyone here should know that people who break into other systems are crackers, while "hacker" simply refers to anyone with an interest in coding and computer technology.

    1. Re:Crackers, not hackers by Anonymous Coward · · Score: 2, Informative

      The widely-accepted definition of a hacker is different than your romanticized version of things. That horse has left the barn - you can be disappointed all you want but trust me, you're only bothering yourself with it.

      I bet you insist on GNU/Linux, too.

  2. Re:Criminal record == no job by Anonymous Coward · · Score: 1, Informative

    Oh fuck!

    I went and got busted for: drugs, hacking, running guns, spying on a defence contractor, and bribing a judge. I was planning on becoming the most bad-ass security consultant on Earth.

  3. Re:Criminal record == no job by CaptainJeff · · Score: 3, Informative

    If you are hiring consultants to perform security-related functions, you're being negligent by not doing background checks and such on them. Any security-related processing you are doing on full-time employees should be done on contractors as well if they are doing similar jobs. If you're not doing that, you're doing it wrong.