lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <5e01c29a0710151358y4d4b9cche07beba1b9f773ef@mail.gmail.com>
Date: Tue, 16 Oct 2007 06:58:40 +1000
From: silky <michaelslists@...il.com>
To: "Daniel Sichel" <daniels@...derosatel.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Is this sane?

mmhmm.

quick, now someone bring up full disclosure vs responsible disclosure.



On 10/16/07, Daniel Sichel <daniels@...derosatel.com> wrote:
>
> >My question is the following: does this sound sane to you? Do you
> >really believe that someone will let you do all that, without causing
> >chaos? Laptops are good because they are mobile. You are allowed to
> >take them out and work from home. At home you have your own network
> >which you would like to connect to. Even if you use a different
> >account on that same laptop to connect to that network, the risk is
> >still there. A system is as secure as the weakest link.
>
> This seems a rational observation. A system that cannot be used due to
> "appropriate" security precautions is a useless system. When you make
> security too onerous for end users, they subvert it, and who can blame
> them? Their primary responsibility, at least in the commercial world, is
> to get their assigned duties completed. When computer security begins to
> seriously interfere or hamper that goal, then we have become their
> enemy, not their ally. It's the same old story, computer security is
> something you have, end user trust; and something you know, I must (and
> can) allow my end users to get their jobs done timely and securely.
>
> Daniel Sichel, CCNP, MCSE
> Network Engineer
> Ponderosa Telephone
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


-- 
mike
http://lets.coozi.com.au/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ