You may remember from my post that the security issues involved in different people from around the world. The result is that in this group of people are also our countrymen from Poland. Not so long ago, one of the Polish names appeared next to the updates and security vulnerabilities in Joomla 1.7 and (first edition) 2.5. In this way my trail fell on Jacob, with whom I swapped a few words in an interview.
First, James tell me, what do you do?
I’m working for years with securing servers and websites. In addition to the execution of orders in the country (Poland), which once more I work with companies from abroad to support the development of secure software.
What were your first steps as an IT specialist?
Information is from when I was 13 years old. Then for the first time realized, “testing server security,” I work under the watchful eye of school IT teacher. As a teenager, it is difficult to convince the “big companies”. Many times to prove his worth for free implement projects towards building a resume (15 year olds do not want nobody officially entrusted with the project, but for free – you’re welcome;). So he broke into Warsaw (the capital) and started “professional career”.
Why did you choose the safety of the CMS, as you probably know, after computing is like the medicine is so many different issues?
Exactly, as in medicine, the needs of different professionals. Hobby approach to security allows me to “do more” and work for longer than corporate or IT administrators who are their “adventure” of IT usually finish at 16:00. IT security because they chose an excellent game. Besides, it is so varied and interesting, that there is no chance to get bored.
What made you decide to choose exactly Joomla?
Choosing Joomla was a natural thing, because I test different CMS. Joomla Was another content management system “to test”, my support can partially check the manufacturer’s website (joomla.org).
What do you think the component to be protected from “hacking” is worth your attention?
I think the most important aspect of defense against hackers is … thinking. :) What of our million spent on anti-virus policies or hardware firewalls, if you click a link from an e-mail with the subject “I Love You”? From the James promised in the near future to look at the popular components to improve the safety of Joomla (RSFirewall and Akeeba Tools Pro) and write a few words about them. Also, I’ll keep you posted.
What skills or knowledge must have a person who wanted to deal with Penetration Testing web applications? What would you advice to beginners?
When it comes to. “Difficult beginning”, it is easiest if you have two skills: able to read with understanding and write. “The rest is on the internet.” Speaking seriously, in addition to these characteristics, what matters is the actual determination and desire to develop, because reading and writing is so much (due to the development theme) that is usually discouraged “young”.
As I heard you also organize training, what is their range and whether it includes online learning?
Yes, it happens. Training Course is mostly practical exercises. We process online attacks and defenses against them. Recently, however, training has evolved in the “consultations”. This form of relationship with clients allows me to call and penetration tests, and “training”.
And over the last work?
Last intensively researching the safety of new Internet applications because all the time looking for further orders. Software is available eg http://sourceforge.net I install at home and “perform tests”. In this way I know how to work later at the client (which often uses the free solutions such as Joomla) and which offer protection during the project.
Thank you for this interview and good luck in implementing your own projects and share them on http://hauntit.blogspot.com.