[Salo]

interesting read.

[Salo]

Tech, security pings.

[Glenn]

Mitnick is ancient news. He's irrelavent.

[BeHoldAPaleHorse]

I seem to recall that Mitnick was not nearly as good as he claimed to be--someone said there are IRC transcripts where ol' Mitnick is asking other people to compile and link his exploit code for him, because he didn't know how.

[ShadowAce]

[wvobiwan]

Considering the damage this scumbag caused to corporate info systems in his heyday, I'd prefer Mitnik rot in prison for the rest of his life.

He cannot be trusted. To see him getting fame and money from his exploitation is very disheartening.

[isthisnickcool]

Mitnick says that open source software is easier to analyse for security holes, since you can see the code.

Wow, this guy is smart. /sarcasm off

[cloud8]

"He served five years in prison, including eight months in solitary confinement after it was alleged that he could launch nuclear missiles by whistling into a telephone.

"You know how to whistle, don't you, Steve? You just put your lips together - and blow."

KA-BLAM!!!

[RightWhale]

Mitnick was on Coast a couple nights ago. Evidently his skills are still in demand, but he is on the side of Good now.

[goldstategop]

But its the open nature of open source software that makes rapid fixes easier to deploy. With proprietary software that's closed to any one but the software maker, its difficult to know where your bugs are. And it takes longer to issue a fix since the code is known only to those who are in possession of it.

(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")

[antiRepublicrat]

Mitnick is NOT this kind of hacker. In his successful cracks, he either used social engineering or already-known backdoors, hacks and default passwords. He is also a master at hacking a phone switch.

But he probably is not himself capable of looking through code to find vulnerabilities.

[antiRepublicrat]

He also forgets that people have disassemblers and can look at what the code does.

On a tangent, disassemblers are the main way OSS authors can find out if closed-source applications have stolen their code.

[Bear_Slayer]

I met him once at a SANS conference in Las Vegas years ago, 98 or 99.

He was interesting to talk to, but even then he seemed to being capitalizing on his infamy.

[Golden Eagle]

Well since the source code is already wide open, why wouldn't it be? Especially since there's no definitive proof whatsoever that "good eyes" is even 1/10th the number of "bad eyes", it's a total unknown and always will be.

Here's some things we can quantify, however:

http://www.channelweb.com/sections/allnews/article.jhtml?articleId=177105109&cid=ChannelWebNews

[JoJo Gunn]

If I wanted to make a name for myself in the hacking community, it seems the only way to impress them is by going after closed source.