I was in two 'crews' as they used to call them in the early 00s. I'm not sure if you would really want join them. I think I prefer my current networking (twitter, github, blogposting, hacker news, stack overflow, etc.)
Back at the time, there was no StartUp culture (where I lived, not talking about Silicon Valley), everything was closed and there was a huge debate over full disclosure (I'm not even sure how it ended... I remember tf8, antisecurity.is and the rest...).
There were a few skilled people around and almost everybody knew them. WEB 2.0 didn't exist (twitter, facebook, etc.) the web was a totally different place...
I'm not sure it was better though, it seemed way more exotic IIRC. But the general behaviors of the communities (linux communities, hacker communities, etc.) was awful: You were getting your fair share of curses every day. Some IRC networks were wild, with DOSSes (flood, nuke and other shit which could disconnect a 56k easily) flying around. Exploits were flying around, some private some not-so-private.
Security was not an industry and the required skillset was not so extreme as it is today. I mean, you could do quite some damage without being very technical. Things changed after 2002-3 (you can see this in the Phrack articles, turning suddenly extremely technical).
Then the web-based internet came out, everything start requiring PHP+SQL and XSS was born. Then Java and after that JavaScript... Which created a new, less sophisticated attack vectors.
Then the era were officially sponsored cyberwars came into play arise. Stuxnet was the most prominent example of this era, with the NSA revelations and China's cyber-army giving a clear view of how the security industry is shaped nowadays.
Today there are no crews like Team TESO (I'd like to read about the story of their members...), ADM, etc. I still remember 's0ftproject[1]' back in the days in Italy. Some members can still be found involved in the Tor project.
Anyway, things have changed for the better or worst. Better keep up with the times...
ps. Today's world should be considered a kinder-garden for a security professional. Way more attacking vectors (so more protection needed) and a huge amount of companies which understand the importance of computer security. Back in the 2001 telnet was still widely used...
Security wasn't an industry before 2002? Huh? Security made millionaires out of half of #!r00t and (I assume) #w00w00 before 2000, mostly due to ISS. It professionalized in the mid-1990s.
Hm, security made millionaires you say, I'm not sure about that. WhatsUp is not the kind of application that I would expect from a former w00w00/TESO/MoD/ADM/Gobless/LSD-PL/whatever. Most of them are into security I assume and I don't recall anyone becoming millionaire, in the sense that no story made headlines to my knowledge.
But you probably know better, since you're on the field.
People have been selling security companies for 8-9 figures for the last 13 years or so, more or less continuously. And when we're talking about #w00w00 / #hack / #!r00t, you also have to contend with ISSX, which was an extremely successful IPO. So, yeah: reevaluate that thought.
>Things changed after 2002-3 (you can see this in the Phrack articles, turning suddenly extremely technical).
>Then the web-based internet came out, everything start requiring PHP+SQL and XSS was born. Then Java and after that JavaScript... Which created a new, less sophisticated attack vectors.
What does that mean?
Tim Berners-Lee might like to have a word with you about when the "web-based" internet came out.
I was in two 'crews' as they used to call them in the early 00s. I'm not sure if you would really want join them. I think I prefer my current networking (twitter, github, blogposting, hacker news, stack overflow, etc.)
Back at the time, there was no StartUp culture (where I lived, not talking about Silicon Valley), everything was closed and there was a huge debate over full disclosure (I'm not even sure how it ended... I remember tf8, antisecurity.is and the rest...).
There were a few skilled people around and almost everybody knew them. WEB 2.0 didn't exist (twitter, facebook, etc.) the web was a totally different place...
I'm not sure it was better though, it seemed way more exotic IIRC. But the general behaviors of the communities (linux communities, hacker communities, etc.) was awful: You were getting your fair share of curses every day. Some IRC networks were wild, with DOSSes (flood, nuke and other shit which could disconnect a 56k easily) flying around. Exploits were flying around, some private some not-so-private.
Security was not an industry and the required skillset was not so extreme as it is today. I mean, you could do quite some damage without being very technical. Things changed after 2002-3 (you can see this in the Phrack articles, turning suddenly extremely technical).
Then the web-based internet came out, everything start requiring PHP+SQL and XSS was born. Then Java and after that JavaScript... Which created a new, less sophisticated attack vectors.
Then the era were officially sponsored cyberwars came into play arise. Stuxnet was the most prominent example of this era, with the NSA revelations and China's cyber-army giving a clear view of how the security industry is shaped nowadays.
Today there are no crews like Team TESO (I'd like to read about the story of their members...), ADM, etc. I still remember 's0ftproject[1]' back in the days in Italy. Some members can still be found involved in the Tor project.
Anyway, things have changed for the better or worst. Better keep up with the times...
ps. Today's world should be considered a kinder-garden for a security professional. Way more attacking vectors (so more protection needed) and a huge amount of companies which understand the importance of computer security. Back in the 2001 telnet was still widely used...
[1] http://www.s0ftpj.org/