This is a theme that has been quite controversial for a long time: Is it a good idea to hire known hackers to improve the security of your products? It was an interesting process to follow some time ago, when the guy who wrote Sasser (and brought down several networks) was arrested by law enforcement and, even during the trial, got a job in the security industry. Pretty good deal, isn't it? Beforehand he had no job, nothing. Afterwards, he did not have to go to jail but got a job.
Now, today an article struck me, about different hackers moving to the software industry: "Hacker movements: Murphy joins Apple; Caceres to Matasano"
What do you think about it? Are these the right people to secure our networks and/or products? Do they even have the right skill-set?
I am interested in your view.
I think hackers should be given a fair chance.
Hmmm, you should really distinguish between a cracker and a hacker. And which one is malicious and which is not. On top of that, Mr. Zalewski is not malicious. You are dragging a brilliant researcher into the same league as some filthy malware writer.
When I talk to customers I sometimes ask them, whether they do background checks on whom they hire as