this post was submitted on 28 Aug 2023
782 points (97.9% liked)
Technology
59594 readers
2887 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It always warms my heart when a single person is able to outsmart large multi-million/billion dollar tech companies like Nvidia and Rockstar. Really shows how piss poor these companies security can be.
I would definitely look to hire that kid with a high wage just to make sure he doesn't hacke me again, if I were one of the companies he hacked into. Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly.
Counterpoint: he got caught. Whatever his offensive capabilities are, his security posture is evidently lacking. Recruiting a glass cannon like that might not work out if you're looking for help with security hardening.
Counter-counterpoint: he could work as a pentester, where his sole purpose is to just break into things.
Leave the policy making and actual hardening to someone else.
Then comes the issue of a rogue pentester selling his clients zerodays into black market for crypto. Don't know if the myth of being hired by government agencies is true.
I know nothing about anything but I definitely believe the government would do it. If anyone has the power to keep the hackers acting nice it's the government. Especially if they write your paychecks.
I understand your thought, but some people just want to watch the world burn and you definitely don't want to bring that sort inside.
This guy seems to be driven, capable and lacking the common sense to know when to stop.
Its kind of inevitable, you know that meme about the overlap between the smartest bears and the dumbest tourists? Well the same is true for secure working practices and the dumbest/laziest employees. Any system too secure will also be enough of a pain in the ass that some people will start doing stupid shit that nullifies that security.
For others like me interested in the exact example; it's about the difficulty of designing a trash can that smart bears cannot open and dumb tourists still can. You cannot create something too secure if you still want dumb people to use it as well, due to the overlap.
The quote is not really saying dumb people will break / nullify security, like I read in the above comment, but more that they just will not be able to operate it.
some companies do.