This blog is a random collection of information, partly in support of my quotations web site. Other topics include wine, military news, economics, history, libertarianism, and other random things which happen to strike my fancy. Backup site is at http://quotulatiousness.blogspot.com/ (if there are no posts showing, hit the backup blog for explanation). Comments have been turned off, as the spam was getting too much to handle. Comments can be emailed to me for posting.

September 16, 2006

Definitions are important

Bruce Schneier has a swing at defining the word "hacker":

Hacking is cheating, and it's how we get better at security. It's only after someone invents a new attack that the rest of us can figure out how to defend against it.

For years I have refused to play the semantic "hacker" vs. "cracker" game. There are good hackers and bad hackers, just as there are good electricians and bad electricians. "Hacker" is a mindset and a skill set; what you do with it is a different issue.

And I believe the best computer security experts have the hacker mindset. When I look to hire people, I look for someone who can't walk into a store without figuring out how to shoplift. I look for someone who can't test a computer security program without trying to get around it. I look for someone who, when told that things work in a particular way, immediately asks how things stop working if you do something else.

Posted by Nicholas at September 16, 2006 04:42 PM
Comments


Visitors since 17 August, 2004