"Jim Franz" <franz400@xxxxxxxxxxxx> wrote:

>An Ethical Hack contract may require a non-disclosure agreement.
>You would not want a public discussion on methods (or individuals
>would then learn how to circumvent). Granted, there is plenty
>of discussion about how to check security, but not how a single
>vendor analyzes a company.

A very good point. But wouldn't that also potentially limit how the learned 
info was applied? That is, Rob simply had a list of security PTFs. If an NDA 
covered such resulting recommendations, Rob could potentially be somewhat in a 
bind if he took another job tomorrow and was tasked with getting PTFs up to 
date on his new system. Is that significantly different from disclosing here?

I certainly agree that non-disclosure of methods used is a reasonable 
possibility for an NDA.

Tom Liotta

-- 
Tom Liotta
The PowerTech Group, Inc.
19426 68th Avenue South
Kent, WA 98032
Phone  253-872-7788 x313
Fax    253-872-7904
http://www.powertech.com


__________________________________________________________________
Switch to Netscape Internet Service.
As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register

Netscape. Just the Net You Need.

New! Netscape Toolbar for Internet Explorer
Search from anywhere on the Web and block those annoying pop-ups.
Download now at http://channels.netscape.com/ns/search/install.jsp

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.