funsec mailing list archives
Re: Don' see no "security expert's" round here ...
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 02 Jul 2009 14:21:54 -0700
Any security consultants ever lost business over getting hacked themselves? BB Robert Graham wrote:
Mitnick is a security expert. I don't have much respect for the guy, and his reputation is more hype than reality, but he's still an "expert" every much so as others who call themselves "security expert". Just because you go around telling people be secure doesn't make you an expert. Any dunce can tell you to "safen up" (to quote Homer Simpson). What takes expertise is recognizing when marginal costs exceed marginal benefits. If inconsequential systems never get hacked, then chances are good that you are spending too much securing them. In Mitnick's case, since nothing consequential was affected, it means that he's not overspending on securing his upstream DNS. The only consequence is reputation loss, although the opposite consequence is free publicity, so it may be a net benefit. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Don' see no "security expert's" round here ... Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 02)
- Re: Don' see no "security expert's" round here ... Dan Kaminsky (Jul 02)
- Re: Don' see no "security expert's" round here ... David Harley (Jul 02)
- <Possible follow-ups>
- Re: Don' see no "security expert's" round here ... Robert Graham (Jul 02)
- Re: Don' see no "security expert's" round here ... Chaim Rieger (Jul 02)
- Re: Don' see no "security expert's" round here ... Blue Boar (Jul 02)
- Re: Don' see no "security expert's" round here ... Gadi Evron (Jul 02)