There was some ongoing consternation at ISS around 96-97 about an employee being a Phrack editor. Management talked to them but it didn't threaten their career.
I have faint memories of SNI people being upset that ISS salespeople tried to pigeonhole us as hackers (this all precedes the widespread adoption of the hat coloration system).
I guess, on post-97, pre-99 ISS, I stand corrected. :)
With a team like ISS X-Force, it would be silly to claim there wasn't any hackers involved.
Infact, I'm pretty sure there was quite a few Phrack articles written by ISS employees in their earlier life, under their irc names,,, myself included. ;)
I think most of the content that would have gone into Phrack in early days became posted as commercial vulnerability research later on.
I think perhaps not everyone that would want to participate had their career in software security though, and I can imagine some other software sectors where they might look unkindly on the relationship. E.g. Someone working deep in the bowels of some company in the financial sector but their hobbies are more diverse.
Hacking became "cool" for the corporate world in the late 90's. Movies like The Matrix and the fact that nothing too valuable was online yet meant that getting hacked was likely just web site defacement. Meanwhile, there was finally real money to be made in developing security for when the web finally became worth protecting.
You know, I might be conflating phrack with 2600 in my head. IIRC (which is by no means guaranteed) 2600 was (is?) a bit more edgy, but I was regularly reading both at around the same time in the early 2000's, so some of my ideas about them might be mixed after all this time.
