(1) Spafford’s first principle of security administration: “If you have responsibility for security but have no authority to set rules or punish violators, your own role in the organization is to take the blame when something big goes wrong.”
(2) Backwards Maxim: Most people will assume everything is secure until provided strong evidence to the contrary—exactly backwards from a reasonable approach.
(3) A Priest, a Minister, and a Rabbi Maxim: People lacking imagination, skepticism, and a sense of humor should not work in the security field.
(4) Merton’s Maxim: The bad guys don’t obey our security policies.
(5) A lot of hacking is playing with other people, you know, getting them to do strange things.
Steve Wozniak
(6) As a young boy, I was taught in high school that hacking was cool.
Kevin Mitnick
(7) This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.
The Conscience of a Hacker, The Mentor, January 8, 1986, http://www.phrack.org/issues.html?issue=7&id=3