Interview with Jacob Carlson, co-author of "Internet Site Security"
by Mirko Zorz - Thursday, 21 November 2002.
I've found that my definition of exciting can be drastically different from that of others, but I do have a few ideas. I'd like to move into more of an R&D role and away from the penetration testing. Believe it or not, breaking into computers can get boring after a while. More and more I find myself excited by theory rather than what new vulnerabilities exist in what software. I've always said that you have to know offense to play defense, but the offense has always been more exciting to me :). So the stuff I'm working on now is more in the offensive arena, particularly with regards to attacking web-based applications. In 5 years that's pretty much all there will be, and finding out now how web services are broken is extremely important. I do have some ideas for defensive projects, but they are all at the hardware level so I'll need TrustWave to kick down a couple more R&D dollars before I can proceed :).

My immediate plans, however, are to go lie on the couch with my brand new wife and take a nap.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th