Funsec isn't a representative sample of people. On Thu, 19 Jul 2012, Kyle Creyts wrote:
> I am part of the 1%. > On Jul 19, 2012 2:31 AM, "Drsolly" <[email protected]> wrote: > > > If someone can't be bothered to write their thoughts down, and require me > > to spend 20 minutes to watch a video giving views that I could have read > > in one minute, then I'm not going to devote my time to listen to them. > > > > Since I haven't heard what he has to say, I cannot comment on his views. > > Except to point out that 99% of people are as interested in computer > > security as they are in beetle collecting. And anything that depends on > > them being more interested than that, or better informed, is doomed. > > > > On Wed, 18 Jul 2012, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote: > > > > > Marc Goodman (who I believe is https://twitter.com/FutureCrimes and > > > http://www.futurecrimes.com/ ) gave a recent TED talk on trends in the > > use of > > > high technology in crime: > > > > > > > > http://www.ted.com/talks/marc_goodman_a_vision_of_crimes_in_the_future.html > > > > > > The 20 minute talk is frightening, with very little in the way of > > comfort for the > > > protection or security side. He ends with a call for crowdsourcing of > > protection. > > > > > > Now as a transparent society/open source/full disclosure kind of guy, I > > like the > > > general idea. But, as someone who has been involved in education, > > security > > > awareness, and professional security training for some time, I see a few > > problems. > > > For crowdsourcing to work, you need a critical mass of at least > > minimally capable > > > people. When you are talking about a weather reporting app, that minimal > > > capability isn't much. When you are talking about detecting cyberwar or > > > bioweapons, the capability levels are a bit different. > > > > > > Just yesterday the PNWER (Pacific NorthWest Economic Region > > > http://www.pnwer.org/ ) conference became the latest to bemoan the lack > > of > > > trained employees. I rather suspect these constant complaints, since I > > see lots of > > > people out of work. But the people who are whining about employees are > > just > > > looking for network admins and such. We need people with more depth and > > more > > > breadth in their backgrounds. I get CISSP candidates in my seminars who > > are > > > network admins who simply want to know a few ACLS for firewalls. I have > > to > > > keep telling them that security professionals need to know more than > > that. > > > > > > Yes, I am privileged to be able to meet a number who *are* interested in > > learning > > > everything possible in order to meet any need or problem. But, > > relatively > > > speaking, those are few. And my sample set tends to be abnormal, in > > that these > > > are people who have already shown some interest in training (even if > > only job > > > related). What Goodman is talking about is the general public. And > > those of us > > > who have actually tried security awareness know how little conceptual > > awareness > > > we have to build on, let alone advanced technical knowledge. > > > > > > I think awareness, self-protection, and crowdsourcing is probably the > > only good > > > way to approach the problems Goodman outlines. I just worry that we > > have a long > > > way to go. > > > > > > http://blogs.securiteam.com/index.php/archives/1793 > > > > > > ====================== (quote inserted randomly by Pegasus Mailer) > > > [email protected] [email protected] [email protected] > > > On Friday, January 23rd, 2004, in a speech at the World Economic > > > Forum in Davos, Switzerland, Bill Gates stated `Two years from > > > now, spam will be solved.' > > > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links > > > http://blogs.securiteam.com/index.php/archives/author/p1/ > > > http://twitter.com/rslade > > > _______________________________________________ > > > Fun and Misc security discussion for OT posts. > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > Note: funsec is a public and open mailing list. > > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
