-
February 8th, 2008, 04:41 PM
#1
6 Dumbest Ideas in Comp Sec
The link to this has been posted on another thread, but I thought that it was provocative enough to merit discussion on its own. It is about 18 months old.
The article is here:
http://www.ranum.com/security/comput...itorials/dumb/
And the ideas are:
1. The Default Permit
2. Enumerating Badness
3. Penetrate & Patch
4. Hacking is Cool
5. Educating Users
6. Action is Better Than Inaction
Views?
-
February 8th, 2008, 05:22 PM
#2
Honestly, I've had that philosophy since I began working in the enterprise. I used to seriously wonder how some people would have any other view than that and because of that I was repeatedly blackballed.
I'll give one example:
I was the senior network dude at the recently purchased xyz corp. I was told that there was a mandate from the new CEO to put the newest, bestest version of software on all of our corporate switches. The reasoning behind this was that if we didn't run that release of code, how could we expect our customers to use it? right? I mean the medical research always shows his faith in the that new shiny pill by taking it himself, right? pfftt!!!
I explained to the powers that be in a rather blunt way (read that "I hadn't learned the corporate talk and I was honest about it") that the software was not ready for primetime and, in fact, would cause serious problems in our environment and that loading that software was in diametric opposition of my job description.
End of story: I was cordially invited not to return to any meetings involving the CFO or customer support department. (read that:"They were serving up my ass at some future date.") Strangely enough the code was not loaded on the network and was returned for more testing.
I've since learned how to approach those situations in a much different manner.
The only thing I'm more sick of than CIO,CEO, COO reading magazines and thinking they know it all is techs who are reading those same articles.
Default to deny. That's a religion for me.
cheers and a very good read.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
Similar Threads
-
By The_Captain in forum Wireless Security
Replies: 9
Last Post: November 17th, 2005, 06:47 AM
-
By hesperus in forum Miscellaneous Security Discussions
Replies: 6
Last Post: September 13th, 2005, 02:58 PM
-
By thehorse13 in forum Miscellaneous Security Discussions
Replies: 11
Last Post: June 8th, 2005, 03:19 AM
-
By coolcamel in forum Newbie Security Questions
Replies: 17
Last Post: April 11th, 2004, 01:21 AM
-
By korndogma in forum Security Archives
Replies: 6
Last Post: January 26th, 2002, 03:32 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|