On Tue, Sep 29, 2009 at 10:39:36PM -0400, Michael Collins wrote: > Well, I've checked off that "I bought a > firewall" box, so I *must* be scure), and because it does give > developers a way out.
I agree; and I'll point out that this also provides air cover for management when subsequent incidents happen, because they can then issue press releases that read: "We took all reasonably and customary measures... No one could have foreseen... We spent $BIGNUM on state-of-the-art(TM) firewalls..." Never mind that the first rule in those firewalls is pass all from any to any ---Rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.