| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040511153730.9411.qmail@web41607.mail.yahoo.com> From: keydet89 at yahoo.com (Harlan Carvey) Subject: Calcuating Loss Clint... Two words..."testing process". What happened to that? Don't tell me you're installing patches directly to production systems... --- Clint Bodungen <clint@...ureconsulting.com> wrote: > How about when Micro$oft releases a bundled patch > (cough cough MS04-011) to > fix several bugs and security holes (supposedly to > help "minimize loss" from > these bugs and worms) only to find out that the > patch itself has broken just > as many services as it fixed, taking down one's > server for a few hours, > causing yet... more loss! ;-) > > > > ----- Original Message ----- > > > Loss? > > > > One of my biggest complaints is the way the > industry "loses billions" > > whenever a virus or worm breaks out. > > > > I mean, securing and maintain your server is not a > loss. Installing and > > updating your anti virus or IDS package is not a > loss. All of these > > things should have been done anyway. > > > > If a server goes off line, I guess you could > measure the revenue it may > > have produced as a loss, but technically, that is > lack of income, not > > true loss. > > > > If you see someone complaining about all the money > they lost doing what > > they should have been doing all along, I just see > spin. And politics. > > > > M > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists