[Dailydave] Location Location Location
Kristian Erik Hermansen
kristian.hermansen at gmail.com
Sun Oct 28 14:10:07 EDT 2007
Thanks for all the info. I will heed your advice. However, I can't
play uplink because it doesn't run on Linux :-( Maybe if a linux
hacker games comes out...or you can recommend a challenging online
root war...
On 10/28/07, Paul Melson <pmelson at gmail.com> wrote:
> On 10/27/07, Kristian Erik Hermansen <kristian.hermansen at gmail.com> wrote:
> > So now what is a pen tester to do? There are some boxes hanging
> > around out there on the net pwned, but you don't want to say anything
> > because they weren't yours to hack in the first place!??! What is the
> > proper etiquette here? If you inform the party, maybe they will want
> > to sue you for damages. On the other hand, they are vulnerable. Who
> > has been in this situation before?
>
> Everybody that's been doing over-the-net pen testing for any amount of
> time, that's who. It depends on the situation as to how best to
> handle it, but the ethical thing is to suck it up, try and make
> contact with the unintended target, and hope that they will be
> reasonable. (That's assuming that they haven't already noticed and
> contacted you first.) At that point, you are at the very least
> obligated to assist them in understanding and mitigating the
> vulnerabilities you've found on their end. For free. Under a
> confidentiality agreement.
>
>
> > Is uplink really that cool?!!?? I tried it once, but I thought it was
> > pretty lame. Maybe I didn't give it enough time to enjoy the plot...
>
> Hacker games are about as cool and accurate as hacker movies. But if
> you *like* Uplink, then Hacker Evolution will also amuse you:
>
> http://www.exosyphenstudios.com/page_hacker-evolution.html
>
>
> PaulM
>
--
Kristian Erik Hermansen
More information about the Dailydave
mailing list