<p dir="ltr">I see the idea behind the certification, but in practice that seems mostly useful to employers when hiring individuals with little on their resume. </p>
<p dir="ltr">And I'll second the point on bridging networks. Some creative use of stunnel can easily fool most security devices and allow anything in or out of a secure network.</p>
<div class="gmail_quote">On Mar 6, 2013 11:55 AM, "David Ritchie" <<a href="mailto:deritchie@gmail.com">deritchie@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br><br><div class="gmail_quote">On Mon, Mar 4, 2013 at 12:56 PM, Jim Kinney <span dir="ltr"><<a href="mailto:jim.kinney@gmail.com" target="_blank">jim.kinney@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br><div class="gmail_quote"><div>Given the importance of reliable software in a growing number of areas, I see a need to have professional licenses for programmers that touch finance, health care, public safety, etc. We don't let just anyone design a bridge and that's for good reasons. We need to rethink this field from a public health and safety perspective.<br>
<br>I can also see a need for mandatory professional certifications for System Administrators in those same areas. <br><br>ditto for DBA work.<br></div></div><div><div><br>James P. Kinney III<br>
<br></div></div></blockquote><div><br>Snort... the mice voting to bell the cat.<br><br>1) Will never happen, as the companies want huge masses of potential employees for which that they don't have to pay much. <br>2) How would you certify competency? The field is changing all the time, and the demand for people who even 'kinda' know what <br>
they are doing currently (and probably for the indefinite future) will outstrip supply. <br>3) Supposing (or more correctly, "when") something blows up - what would be 'punishment' meted out against the professional? <br>
Are they really to blame when their employers aren't willing to patch, or unwilling to listen... ??<br>4) Shelf life of professional certifications is short, so professionals have to be selective. Licensing will, by definition, be bureaucratic and trail <br>
current practice. Often the certification questions are a laundry list of random stuff that may or may not have any use in day to day administration, <br>or aren't specifically geared to security related issues. I can't expect licenses to be any more current.<br>
5) making network secure that are also usable by your employees to get their jobs done (particularly as more and more stuff is becoming cloud/web based)<br>is really a PITA. IPV6, I am guessing, is going to make this even harder, and corporate IT departments are largely clueless about it. That is just one way<br>
to see this blowing up. Bridging networks outside of buildings is getting increasingly trivial to do, particularly if have some level of physical access. SSL VPN's<br>and tunneling are particularly troubling to me... <br>
<br>Disclaimer: Not based on experience with any past, present, or future employer(s). I do this to build my typing speed. <br><br>-- David <br><br><br></div></div>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div>