lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: nodialtone at comcast.net (Byron Copeland)
Subject: Authorities eye MSBlaster suspect

On Fri, 2003-08-29 at 19:13, Valdis.Kletnieks@...edu wrote:
> On Fri, 29 Aug 2003 14:46:32 PDT, morning_wood said:
> > >And has it occurred to you that *MAYBE* his "high paying job" would
> > >be more productive if he wasn't spending most of his time having to deal with
> > >people breaking in, either proactively or reactively??
> > 
> > that is his job
> 
> You're totally missing the point.
> 
> If I'm doing security 30 hours a week, that's 30 hours a week I'm not available
> for other things.
> 

??? uh, the extended coffee breaks?

> That's 30 hours I'm not spending helping do network performance tuning for the
> mail server.  I'm sure the 70,000 users of the mail server would prefer that
> I was able to do that instead.
> 

You mean... Member of the Exchange server mop & broom crew?

> That's 30 hours I'm not spending designing a new, more featureful print
> management system.  I'm sure the people who get print jobs that we need
> to keep running (accounts receivable, invoices, purchase orders, etc) would prefer
> I was able to do that instead.
> 

Your printer says it needs white toner.

> That's 30 hours I'm not spending diagnosing compiler and kernel bugs.  I'm sure
> the researcher who has a $2M grant project dead in the water would prefer I was
> able to do that instead.
> 


> That's 30 hours I'm not spending working on a way to migrate users from Windows to Linux.
> I'm sure the people who are looking at a $500K/year bill for Microsoft licenses (and want
> a way to save money) would prefer I was able to do that instead.
> 
> That's 30 hours I'm not spending deploying a new release of Listserv that has
> features that my users are asking for.  I'm sure that many of the users on our
> 6,023 lists would prefer I was able to do that instead.
> 
> You starting to see a pattern here?
> 

Jack of all trades?

> And yes, those are *ALL* things that are *part of* "my job".  Many of them are
> things I'd enjoy doing more.  All of them are things that would provide more *direct*
> benefit to my site than "doing security".
> 
> And you can't weasel out by saying "Hire somebody else to do that other stuff"  or
> "hire somebody else to do security" - the point is that if we did hire somebody else,
> then we'd only have 1 person of the 2 available for productive work.  If we didn't
> have to keep spending resources on security, BOTH people would be available then.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ