"Ethical wrongdoers"? Even the name sounds silly. Would you hire an "Ethical Theif" to help you guard your house? Should "Ethical Murderers" be allowed to carry concealed weapons? Should we encourage "Ethical Vandalism" or permit "Ethical Fraud"? So, why do we even talk about nonsensical notions like "Ethical Hacking" and "Ethical Hackers"? To even speak of such things simply cements the assertion that we are involved in an extremely immature "profession"!

I recognize the need for "penetration testing" or "intrusion testing", as valid components of an effective security program. However, most "penetration testers" I know would not permit themselves to be called "hackers", "crackers", or anything else that might loosely be associated with underhanded activities. Why? The reason is obvious! Medical doctors do not want to be confused with Witch Doctors, Engineers do not want to be confused with tinkerers, Lawyers do not want to be confused with lawbreakers, and Accountants do not want to be confused with swindlers. So, why even permit this "ethical hacker/cracker" nonsense!!!???

Personally, I have little patience with anyone who attempts to use a past filled with activities of questionable ethics to further a future as a upstanding professional! While I am prepared to offer people second chances (we all make mistakes...) I would like to see a real "turning over of a new leaf", rather than this kind of feeble lateral arburesque from a life of unethical behavior into the life of a trusted, respected professional!

As ITSEC professionals, where are OUR ethics??? WE should not be permitting this kind of foolishness to go on. What are WE doing to ensure that ITSEC professionals meet some kind of *professional* ethics, and uphold a decent code? What are WE doing to screen out these kinds of miscreants and two faced turncoats?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/18/1602#1602