Wednesday, July 21, 2004

Should we train hackers? has a good paper exploring the issues (pro and con) of teaching "ethical hacking." As you probably know, any yahoo with $$ can sign up for a number of "Super Ultimate Megaleet Hacking" courses and learn most of the same techniques the Bad Guys use against us. The concern is, of course, are we the ones teaching the Bad Guys? My take is that truly dangerous blackhats don't need our help to learn anything, so the benefit to the security community far outweighs the possible downside. But check out this paper and see if you agree.

No comments: