Someone please give lulzsec a job...

4 points by sydlawrence ↗ HN
Personally I think lulz security to be paid by governments to let companies be aware and advise to fix security holes, as online security is a MASSIVE issue of national security. Rather than be arrested and put away.

I would rather they hack for good than bad. After all their are non public hacker groups.

I mean look at the Citi bank hack... I know that is security 101, but COME ON.

Either that, or force the general public to use an openID run by a hack proof source.

Or is this just me?

9 comments

[ 3.4 ms ] story [ 36.7 ms ] thread
OpenID is not a trust system.
I know it isn't a trust system, but some kind of similar solution
People don't start worrying until something actually happens. The general public is deluded when it comes to internet security, and Lulzsec exposed the internet's vulnerability. Yes, they did break the law, but they had the right intentions nonetheless.
Lulzsec is a bunch of psychotic kids playing with massive customer-driven online services the way a child plays with ants and a magnifying glass. And you want to give them government jobs?
Entirely agree with you. They are nothing but script kiddies. Anyone can download Metasploit, Nessus, Nikto, etc. and test for thousands of vulnerabilities. Then they either turn vulnerable servers into botnet zombies or steal their data and post it on the web. I've seen no sign they have any 0day exploits (which would make them the real deal), just some basic SQL injections, XSS, and brute forcing.

Not impressed.

What should be impressive at this point is that we're still not past SQL injections and XSS. Or URL tweaking. In banking. (Good God!...)
Child labour laws. You could never employ 2/3 of them for long enough for their own desire to do this kind of thing.