
Script Kiddies

According to Wikipedia: In hacker culture, a script kiddie is a derogatory term used for an inexperienced malicious hacker who uses programs developed by others to attack computer systems, and deface websites. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated hacking programs on their own, and that their objective is to try to impress their friends or gain credit in underground hacker communities. [...]

» more | » comments rss | posted by pdp

Compliance

Someone on LinkedIn asked: "Is Information Security driven by compliance?", to which I say yes, and this is a problem!

My long answer goes like this:

This is certainly not the best answer. Follow the discussion over here. You are not going to learn anything technical, but at least you will get a good idea of how the majority of security professionals on LinkedIn think.


You Will Do Well

Why are we so obsessed with the newest exploit and attack developments while forgetting that the world hasn’t changed much since the last time we looked at it and laughed?

I think it is because very few of us, if anyone, are capable of looking into the entire security landscape with open eyes and a clear mind. [...]


Tiger Team Operations vs. Penetration Tests

If you read Wikipedia’s definition of Tiger Team, you get the following: A tiger team is a specialized group tasked with testing the effectiveness of an organization’s ability to protect assets by attempting to circumvent, defeat or otherwise thwart that organization’s internal and external security. And further down we have: In the computer security field, the term is now obsolete, and more common terms are penetration testers or security testers. [...]


Security Companies are Boring

I was flipping the pages of the latest SC Magazine and I am afraid to admit that it was very boring.

And this is not because the idea behind the magazine is bad. Not at all. It is mainly the fault of the numerous info security companies SC Magazine is listing, which are striving to sell you the latest crap that you don’t really need. Promises. Promises. And more Promises. But no substance! [...]


Fear

Here is a thought for you: The entire information security industry today is based on fear. The fear of getting hacked and your integrity and reputation being publicly jeopardized and challenged.

This is what gives security vendors the power to sell you useless products which you don’t really need.


Most Attractive Targets: SaaS

OK, so I have been busy. But soon you will see why. In the meantime, I would like to draw your attention to a very interesting discussion that ap and I started some time ago.

For those of you who don’t know, SaaS stands for Software as a Service, which is the new hot topic on the market. It is so hot, it radiates light. Of course all vendors are jumping on the SaaS bandwagon, and for a reason. [...]


With all the Web2.0 something bad will happen!

I was going through some feeds that have been aggregating for a few weeks without my supervision and I came to realize that the Web is on fire.

It is not just the hype, which is obvious when it comes to things such as AJAX and Web2.0, but it is also about the other things yet to be seen. I see social networks that serve all kinds of purposes popping up everywhere. Commercial, private, open, whatever, they all agglomerate people very, very rapidly. [...]
