lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu May 11 18:46:28 2006
From: bkfsec at sdf.lonestar.org (bkfsec)
Subject: MS06-019 - How long before this develops into
	a	self propagating email worm

n3td3v wrote:

> On 5/10/06, Juha-Matti Laurio <juha-matti.laurio@...ti.fi> wrote:
>
>> threat meters:
>
>
> Seriously, threat meters are a waste of time and should be scraped by 
> all.
>
Hey, I believe it's right to tell someone when they're wrong and give 
them credit when they're right... and although I disagree with some of 
your conclusions, I have to say that you've got a good point here.

About all that these threat meters do is drum people into action.  That 
is, deep down, a good thing, but it's something that people should be 
careful with.  Computers, and in particular computer security, is 
something that many people think is magic.  An organization that is not 
well mitigated and is not vigilant is as likely to get cracked into 
during a high threat level as it is at a low threat level... the threat 
meters do give people a false sense of security and a false sense of 
fear and really do only measure paranoia.

Now, that's not to say that they don't have a use, but like all tools if 
it's misused, the results will not necessarily be good.  Something to 
keep in mind.

          -bkfsec


Powered by blists - more mailing lists