Crime doesn't pay?
That's odd, those politicians seem to be rolling in the stuff.
(Do I really need the sarcasm tag?)
Phishing kits – used by miscreants to build webpages that steal victims' personal information and money by masquerading as legit websites – harbor vulnerabilities that can be exploited by other miscreants to pilfer freshly stolen data. It's not far off burglars breaking into a mafia den to steal loot swiped just hours earlier …
And they're just as clueless as their commercial counterparts.
So there's an underling coder who knows (1) that his boss isn't going to rigorously review the code, (2) that his boss is a criminal, and therefore (3) his own long-term job prospects aren't great. Why wouldn't they insert some extra backdoors in the code, so that they can continue to profit from it after they bail from the current gig?
The two types are diametrically opposite even though A secure coder has a healthy respect for hackers and vice versa. But in my years, I never found a good white hat hacker to actually produce beautiful and secure code. They are very good at breaking things. I like it that way since they don't have a stake in building something secure, they don't have a bias. Any opinions? Maybe my data set is too small.
Biting the hand that feeds IT © 1998–2020