[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTikhgEnOobZowV53+p_2vX_=M=+HfRRNCZxySOPw@mail.gmail.com>
Date: Thu, 23 Dec 2010 03:26:03 -0500
From: wac <waldoalvarez00@...il.com>
To: lists@...com.org
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Making Security Suck Less
Aha, welcome to the world. It is broken and will likely keep that way
for long. So do what i do... Adapt, take a seat, wear a green hat if
you can and forget about the rest. They will not understand, nor they
want to. Besides we would see a load of net admins loosing their jobs
/ companies filling bankruptcy if the model changes so...
You know what.. Bertrand Russell said once:
"Men who are unhappy, like men who sleep badly, are always proud of the fact."
Sort like the old way of saying "don't worry be happy!" :D
And I have serious doubts about that OSSTMM btw.
On 12/16/10, Pete Herzog <lists@...com.org> wrote:
> Hi,
>
> "Now not everything about the old security model is bad. Personally, I
> really like the Zen feel of it. It's like raking the fine, white,
> beach sand into those concentric lines and around rocks and dead fish
> and stuff. It's very Zen. Then as the tide rises, the wind blows, and
> Frisbees get badly thrown you have to do it all over again in a very
> Zen way like this: Install. Harden. Configure. Patch. Scan. Patch
> again. Update. Re-configure. Scan. Patch again. Uninstall. Re-install.
> Configure. And then you do it all over again! With so much Zen
> practice it's hard not to become a Master of the security repeat
> cycle. But you know what else is Zen? NOT doing that. It's less
> stressful to maintain an existing balance between operations,
> limitations, and controls then running around and putting out fires."
>
> This is from my new article called, "Making Security Suck Less" you
> can read finished at:
>
> https://www.infosecisland.com/blogview/10304-Making-Security-Suck-Less.html
>
> There's some more, new articles reviewing the OSSTMM and the new
> security model at InfoSec Island here:
>
> https://www.infosecisland.com/osstmm.html
>
> Sincerely,
> -pete.
>
> --
> Pete Herzog - Managing Director - pete@...com.org
> ISECOM - Institute for Security and Open Methodologies
> www.isecom.org - www.osstmm.org
> www.hackerhighschool.org - www.badpeopleproject.org
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists