At 09:01 PM 8/23/00 +0200, mouss wrote: >This is true in an ideal world, however: > >- customers are "stupid" (not that these are supid people, but they may be >considered >as stupid customers, in the sense that you can sell them poducts using an >irrational approach). Hmm, it appears one has to watch the Matrix a few more times to really understand :) >- companies are not trying to maximize their situation, but only to make >it better >(there's a difference here) Companies don't understand their pain. They want to, but the doctor's that are explaining to them are talking at such a high level, that they are very confused. >- there is no effective way to judge people. you can only ask'em >questions, hear'em >talking, ... you can't get inside their brain. Yes, you can ask questions starting at the high level and work one's way down to the trivial. It is called top down approach. Many programming courses speak of it.. :) >so, the tree components (customer, company, employee) of the system can >hrdly follow >any rational model. Knowing that, you can hardly expect that any of these >components >will follow a rational process.... Untrue, I think there are few firewall developers who majored in Psychology that may have differing opinions, but you never know.(Hi MJR) >you can hire a "hacker" if you "feel" it. It's the same as the decision >you take >when you see a girl/boy in a party. you might get excited and think she/he >should >be in your bed that night. Discovering later that she/he "was not the one" >is an >event that you could hardly predict.... >After all, you can only get "performance" if you abandon "robustness". If >there is >no risk, there is no reason to get paid... It is not about hiring hackers, the point of the topic are Online Security Services Really Worth the Money? What value do they provide a typical organization? Is their a trade off between having a security staff or relying on some vendor that is backed by some VC or Big Six corp that just wants to show market share and not really help anyone.. /mark >mouss > > > >At 11:46 23/08/00 -0400, Meritt, Jim wrote: >>IF (a big "if"): >>1. You can trust them with your entire being (say, you AREN'T "secure" and >>they find out exactly how and where you are most vulnerable) >>2. They are as good as you think. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
