Kevin Mitnick started his foray into "hacking" well before most reading this (if there is anyone reading this) were even born, as I doubt many over the age of forty-something read these types of articles.
If you are reading this, chances are that you already know who Mitnick is and why he has received so much notoriety - good and bad.
If you do not know of him, I'd recommend reading the Wikipedia page HERE before reading the rest of the post, else it really won't mean that much.
Kevin started into the computer age just a few years before I had. It was a wonderful new world whereby many geeks were freed and came together to share in their geekdom.
The major differences between Kevin and those like Kevin and myself and those like myself was, and still is, integrity and respect for others.
In 1982ish, I too performed some low level "hacking" on a DEC that allowed me to access the neighboring rival school's system. Of course their geeks thought that our geeks were not up to the challenge and "we" needed to disprove that misguided thought - no matter the cost.
It wasn't long before I and another were called to the principal's office and were asked a series of questions regarding the incident that had been discovered some two weeks later. Only after listening to this voice of reason for what seemed to be an hour, I was sent on my way... fortunately with no real penalties.
I gave the interaction a bit of thought and realized that the geeky"new toys" that we had access to were not to be used to make people's lives more difficult but to enhance and assist lives - everywhere. That's not to say that "fun" and "pranks" don't have their place - we wrote many pieces of code that today would be deemed "viruses" or "malware".
That stated, Kevin had his fun and proved his points many times in the past - we all get it! Additionally, he made money with his nefarious doings, past and present.
Yes, he "did his time" for the wrong doings of the past, but now it seems that being away from the spotlight just isn't doing it for him.
I had read where Kevin was taking his consulting firm to the next level - at least in his eyes. Kevin decided that "Zero Day" exploits could be a lucrative business and that his business model needed a shift.
Welcome the Kevin Mitnick 0-day exploit for hire business model! Have a look HERE.
Knowing that we live in the United States of America, considered to the "freest" country in the world, I can understand how Kevin thinks this could be "good" idea.
Sadly and pathetically, this is far from a good idea and begs the question, "Was Kevin ever anything less than a 'whore' within the computer and security field?"
In my opinion, Kevin has "jumped the shark" with this business endeavor and has lost what little respect I had in reserve.
Mr. Mitnick has once again decided that "criminal type" behavior is where he likes to live. I use the term "criminal type" because he's engaging in behavior that is not clearly criminal, just looks, walks and acts like that type of behavior... anyone remember the duck analogy?
This is really nothing less than old school pirate or mercenary behavior - period.
Plausible deniability has its roll here as you may be able to infer on his website.
Okay, so Kevin is the broker of "wrong-doing" but not the actual "wrong-doer"... that makes it so much better, right?
I am sure that every transaction will be throughly investigated so that the 0-days do not fall into the hands of the Devil. Certainly these 0-days cannot be traced, certainly the buyers will abide by any type of professional Terms of Use, and the buyers would never pass it on to an insidious user of the 0-day - anyone every hear the term "straw purchase"?
After all, Kevin has never been known to do anything that would be deemed inappropriate or nefarious himself, right?
Regardless of the outcome of this "business", why would anyone consider Kevin Mitnick a security professional?
From this moment on, I hereby propose the title - Kevin Mitnick, Security Whore.
