Should You Hire A Criminal Hacker?
from the good-or-bad-for-security? dept
It sounds like there was an interesting debate earlier at the RSA Security Conference discussing whether or not companies should hire "reformed" hackers with criminal records to test their security. The panelists included Kevin Mitnick and the man who prosecuted him, Christopher Painter along with Ira Winkler (chief security strategist for Hewlett-Packard). Mitnick, of course, made the point that having a reformed hacker, such as himself, could be very useful. Painter (and Winkler) seemed to argue that "once a criminal, always a criminal", and also seemed to focus specifically on Mitnick - saying he didn't show enough remorse for the "damage" he had done. Of course, there's plenty of room to debate whether or not Mitnick ever did any actual damage, other than poking around computer systems he shouldn't have been in. Winkler indicated that he thinks Mitnick is trying to "pull the wool over everyone's eyes" with his new career as a security expert. He seems to think it's all a cover so he can go back to illegally hacking into computer systems.