I totally agree. In a first place, spying packet for looking after customers isn't the right way: make a good job, let it be known, and customers will come. if they don't you should probably spend more time enhancing your service than just finding ways to others. (don't want to blame you, you're anonymuous)

Secondly: the tools are a must for a security officer and/or consultant. illegalizing them will not prevent them to be used, it will just cut the good's arms. BUT the spirit behind the usage is the question.
It's like a gun (I don't like 'em but they exists), as such there's no problem having one, the question is WHY do you have one.

finally: never forget that unless you're idealist, global ethics doesn't work (hopefully in a way: imagine a world of billions of people all thinking the same way.. boring). so defense tools, even proactive, will always be needed. Maybe the solution is a "License to Scan", where as for doctors or lawyers a security officer would swear that only right things will be achieved USING those tools. Just having them must not be illegal.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/57/10329#10329