I went to a confence a year or so ago in Europe, and some supposedly amazing talk about server hacks turne into an hour and a half of a guy reading off what looked like a phonebook, while everyone sat there looking confused. When someone had the temerity to finally raise his hand and ask a question (the question being, we dont know what the hell you are talking about), the guy doing the talking looked down his nose and shot him the most patronising glance ive ever seen.

Ho hum.

youre right about the fuzzing, too. got a free half hour? throw in some fuzzing!
Black _Hatter | 11.19.07 - 9:48 am | #

This article gives me faith that the industry will eventually accept that technology is a means to an ends and not the ends itself.
Mike | 11.19.07 - 9:54 am | #

Mike:

I not sure the industry as a whole will ever get there, as long as the furry toothed geeks keep having attitudes as demonstrated above similar to the reviewers.

The issue is there in the whole industry, as CS shops keep churning out graduates who can grok code in 15 different languages but can't understand/admit/whatever that there is a world outside of computers. These types are very prevalent in programming fields (in which I ran out of screaming), and now, much to my chagrin, they apparently also exist in in InfoSec fields. Furry toothed geeks want to focus strictly on the technology side, and either don't care or are unaware that there is a human side to all this.

You hit the nail on the head with your means to an ends statement. A professor told me that when I was a sophomore in Computer Engineering, and it really struck a chord. Unfortunately, I think it sailed over the heads of most of the rest of the class. Sadly, the only option is to keep evangelizing and hope it starts to register to the industry at large.
Innismir | Homepage | 11.19.07 - 2:54 pm | #

i'm reminded of a quote i've heard attributed to edsger dijkstra which said "computer science is no more about computers than astronomy is about telescopes"...

folks in the security field talk a lot about protecting networks and end points and data and identities, but that's all just stuff that's owned by people or by businesses (which are run by people)...

i think this deserves an analog to dijkstra's quote... something along the lines of 'computer security is no more about protecting computers than door locks are about protecting doors'...
kurt wismer | Homepage | 11.19.07 - 3:55 pm | #

Its the old everybody knows/we dont want to know,
the Majority of end users dont want to know how they are protected just that they are protected,
Same as they dont want to know were the child porn is coming from just that somewhere out there people are stopping it,
Conversely a lot of security proffesionals hold end users in contempt for not updating anti malware software and for not wanting to know about the dangers of the internet,
Then we have people like you PG who care maybe to much and end up in trouble for it,i know your answer Bring It On ...
milligansghost | 11.19.07 - 4:49 pm | #