Bugtraq mailing list archives
Re: No Security is Bad Security:
From: scott () bernadette net (Scott)
Date: Thu, 4 Feb 1999 19:25:24 -0600
Security is *not* cost-intensive, if you build it in the first time, or add it in as you upgrade your environment, especially as you value it against the total loss of your environment.How can you determine everyone's cost and value? Some don't care or feel they have any need for security, thus incuring unwanted cost. This stems from of viewing security as a defensive perspective.
I agree with your statement that some don't feel the need for security, thus wanting to avoid the cost. I disagree with your conclusion that it is OK for them to feel that way. When people forgo proper security on their equipment it makes them easy prey to become launch platforms for other abuses that are aimed at folks outside their realm. I liken the situation to that of mandatory seat-belt laws. According to your argument, people who don't value their lives shouldn't be made to wear seat-belts. But what happens when they crash and must be hospitalized? Collectively as a society our insurance rates go up, and if they have no insurance then the public must bear the additional cost of his medical bills. In other words by not wearing a seat-belt he places a burden on those around him. The same is true for those that are connected to some network larger than their own. Insecure boxes place a tremendous burden on the rest of us. If you are still unconvinced, just look at the headers of the last SPAM/UCE you got. Scott Stubbs bernadette.net
Current thread:
- Re: More oshare testing., (continued)
- Re: More oshare testing. Cristiano Lincoln Mattos (Feb 05)
- Re: More oshare testing. Dariusz Zmokly (Feb 04)
- Re: No Security is Bad Security: Kevin Day (Feb 02)
- Re: No Security is Bad Security: Jan B. Koum (Feb 03)
- Re: No Security is Bad Security: Russell Fulton (Feb 04)
- Re: No Security is Bad Security: Jan B. Koum (Feb 03)
- Re: No Security is Bad Security: ecx (Feb 04)
- Update on w00w00 article (bug report) Shok (Feb 04)
- Re: No Security is Bad Security: Donald Moore (Feb 04)
- Re: No Security is Bad Security: der Mouse (Feb 04)
- Re: No Security is Bad Security: Taral (Feb 04)
- Re: No Security is Bad Security: Scott (Feb 04)