Access to computers—and
anything which might teach you something about the way the world works should
be unlimited and total. Always yield to the Hands-on Imperative!
All information should be free.
Hackers should
be judged by their hacking, not
bogus criteria such as
degrees, age,
race, or
position.
You can create
art and beauty on a computer.
Computers can change your life for
the better.
One rule that
IBM's ethical hacking effort had from the very beginning was that we would not
hire ex-hackers. While some will argue that only a "real hacker"
would have the skill to actually do the work, we feel that the requirement for
absolute trust eliminated such candidates. We likened the decision to that of
hiring a fire marshal for a school district: while a gifted ex-arsonist might
indeed know everything about setting and putting out fires, would the parents
of the students really feel comfortable with such a choice? This decision was
further justified when the service was initially offered: the customers
themselves asked that such a restriction be observed. Since IBM's ethical
hacking group was formed, there have been numerous ex-hackers who have become
security consultants and spokespersons for the news media. While they may very
well have turned away from the "dark side," there will always be a
doubt.
The goal of
the ethical hacker is to help the organization take preemptive measures against
malicious attacks by attacking the system himself; all the while staying within
legal limits. This philosophy stems from the proven practice of trying to catch
a thief, by thinking like a thief. The Ethical Hacker is an individual who is
usually employed with the organization and who can be trusted to undertake an
attempt to penetrate networks and/or computer systems using the same methods as
a Hacker. The most important point is that an Ethical Hacker has authorization
to probe the target. The CEH Program certifies individuals in the specific
network security discipline of Ethical Hacking from a vendor-neutral
perspective. The Certified Ethical Hacker certification will fortify the
application knowledge of security officers, auditors, security professionals,
site administrators, and anyone who is concerned about the integrity of the
network infrastructure. A Certified Ethical Hacker is a skilled professional
who understands and knows how to look for the weaknesses and vulnerabilities in
target systems and uses the same knowledge and tools as a malicious hacker.
No comments:
Post a Comment