Being Ethical

I post about pen-testing and digital forensics challenges that I do.  I think that that can give the wrong impression of the kind of person that I am. 

I don't like "hacking" in the derogatory sense.  It is morally wrong when you harm other people or cause their machines to malfunction.  Someone stole my identity when I was younger, and I remember all of the hoops that I had to jump through to put my life back together.  I don't wish that kind of harm on another person.

It's also unethical.  I analyze risk.  If someone is caught doing something wrong, it makes them untrustworthy.  That means that they could be blacklisted from getting hired anywhere.  I don't think that hacking someone without permission is worth that risk. 

I like doing the challenges because they are like puzzles to be solved.  Nothing more than that.  I've always liked solving puzzles.  Right now, it's a hobby that I enjoy. 

Some day, I hope to get into the field.  I'm not sure exactly which area yet.  There are many areas in the field of computer security.  Right now, I'm just learning a little bit of everything that I can.  Pen-testing and defense, for instance, are two sides of the same coin, according to Ed Skoudis.  How can you defend a network if you don't know the avenues that are available to exploit it?  So, even though I'm learning some pen-testing, it could be relevant to defense and vice versa.