Frequently Asked Questions
Please send your questions to email@example.com.
Q: Are there any causes of forming YGN Ethical Hacker Group?
A: Since several years ago, there wasn't any public ethical hacking group formed by Myanmar people. We at YEHG noticed there was a Fluffi Bunni group in 2001. Sadly it's an underground hacktivist group. We didn't find any security professionals in Myanmar nationality who mainly place an ideal sign to us. There is no security/ethical hacking jobs in our country. No up-to-date practical computer security courses at computer universities and colleges. Few people discuss about it because of the lack of security awareness. Burmese web sites are full of security holes. And many other reasons.
Q: What does 'YGN' in "YGN Ethical Hacker Group" stand for? Acronym of your group men's names?
A: It stands for the city we live in. YanGoN.
Q: What are the benefits of joining the YEHG?
A: Practical hands-on knowledge and skills. A place to work for your own. A place that represents your own country and people. A place founded by people in the same nationality as you.
Q: How do you think guys in Myanmar who are learning/doing hacking?
A: Honestly, it's good to see many are starting to move to the hacking field. However, most of them learn hacking to do illegal hacking. They might think hackers are those who deface/destroy web sites or systems. But we appreciate if they report these issues to web site owners and then go on to public disclosure (if those issues are failed to solve for a long time) rather than doing nasty things at first.
Q: What is the main difference between IT professional and IT security professional?
A: While IT guy pays attention to designing, building, implementing IT infrastructure, IT security guy enforces security policy and hardening procedures.
Q: I'm tired of seeing vulnerabilities in softwares. Will there be any softwares without ones?
A: New vulnearbilities will always arise as long as security is not enforced. People will not enforce it until their softwares get hacked. This goes on and on until forever.
Q: Why do you publish proof-of-concept codes for vulnerabilities?
A: If we don't publish such PoC codes, people won't care about patching/upgrading their applications. Majority of them mistakenly think vulnerabilities without public exploits are safe to ignore.