Re: No AV? Shock, horror!

[Rich Kulawiec <rsk () gsp org>]

On Tue, Sep 29, 2009 at 10:39:36PM -0400, Michael Collins wrote:
> Well, I've checked off that "I bought a  
> firewall" box, so I *must* be scure), and because it does give  
> developers a way out.

I agree; and I'll point out that this also provides air cover
for management when subsequent incidents happen, because they can
then issue press releases that read:

        "We took all reasonably and customary measures...
        No one could have foreseen...
        We spent $BIGNUM on state-of-the-art(TM) firewalls..."

Never mind that the first rule in those firewalls is

        pass all from any to any

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.