[Techtalk] Gender as a weapon? Pen-testing and female auditors

R. Daneel Olivaw linuxchix at r-daneel.com
Tue Mar 16 02:22:18 EST 2004 

Hello there,
I guess that a robot male like me should not interfere here, but ...

> 	Seventeen "will you date me" mails and two marriage proposals
> later (sigh), I had a few intelligent reasonable replies. There is
> strong community demand for me to write a case study about my
> experiences testing security, it seems. I'm up for it, but I want to
> keep it professional and interesting without encouraging anyone to
> treat me like a piece of meat. I am still very of two minds about
> using my sexuality in my line of work. Yes, it could be devastatingly
> effective, and the point of a vulnerability assessment is to test the
> strength of their defenses. Holding back or refusing seems like doing
> less than a full job. And in an industry where it actually does kind
> of suck to be a girl sometimes, it seems mad not to use every
> advantage I've got. But on the other hand, I can't constantly be
> telling me people "just treat me like any other geek, not like a piece
> of meat" and then turn around and act like a piece of meat. That's
> hypocritical.

I would keep it as a secret weapon in case you need it. This kind of
"social engineering tool" reaches best efficiency when unnoticed.
I know this is often used to make me buy something or accept facts I
disagree with. How could I dare to deceive that pretty charming voice
asking me how much I pay for the challenging dsl operator ? I know I am
ready to fall, well, easily, but knowing it helps. I would classify it
with other men's and women's social skills that breake my "natural
resistance to marketing techniques".
I guess, that gender issue is mutual and should be efficient from and to
both genders.
When I notice that that pretty person is trying to circumvene my
defenses, I actually begin to disregard that person and the whole
company she is representing. I guess, that's what you'll call "becoming
a piece of meat".
I try to be nice to people so I may be using somthing similar too, but I
guess that the limit is at that point : doing it purposly, knowing you
are doing it just to reach your goal (hypocrisy) or just "being that
way" (natural empathy).

On the other hand, no one is innocent ... 
 
> 	I normally solve this problem by staying mostly on the tech side
> of the house and letting others do the social engineering.  I'm a
> rotten liar anyway.  But the few times that I have even dipped my toes
> in, it's been shockingly effective.  But ew.  Slimy.

I read different things, like :
If you want to know about someone's personality, give him/her Power.
or even :
The most powerful weapon is the one you don't need to use.

I mean : if you feel unconfortable doing things, don't do them. I use it
as a primary rule. Unlike you, I cannot lie, even at my job. This is a
major handicap, but I just feel unconfortable, I don't want to accept
myself as a liar, so I try not to lie.
I guess that I just try to imagine the consequences, what people will
think of me, even if they will never know. It's just about 'me, myself
and I', 
 
> 	So, I'd like to poll some other geekfemmes.

oops, I'm wrong here, ... are robots accepted ?

> If you have any
> stories about being able to get what you wanted in a tech capacity or
> a social engineering capacity, and you think being a girl had anything
> to do with it (or, conversely, if you're a guy who has used his
> sexuality to social engineer), I'd love to hear about it.

At my office, we hired a woman for the technical staff, but
unfortunately, she had to leave a couple of months later. I noticed that
change of attitude, when I introduced her to customers. The boss at most
of our customers were men, and were quite smiling ... I cannot deny this
result. It just ... exists.

> Is it okay to do this sort of thing?  Is it encouraging or setting
> back feminism?

Your main question will be : If I succeed, is it because I am efficient
at my job or because I look pretty ?
Maybe both, maybe looking pretty is just a bonus, that little plus that
will set you on top of other's choices.

Anyhow, do what you think is "right".

bye,

R. Daneel Olivaw,
The Robot Inside

More information about the Techtalk mailing list