On Thu, 19 Jul 2012, Kyle Creyts wrote: > Well, of course it isn't. I feel that my message clearly highlights that, > since I didn't suggest that it was a "so-called" 1%. > > I wonder what impact recent, well-known, media-covered events have done to > augment the general population's interest in security?
Well, the G4S fiasco has increased people's interest in security, as in, it's a fiasco. > I know some will be quite quick to suggest that few things shift that > quantity in any notable way, but that strikes me as the patent and > premature dismissal of an interesting question by a jaded (perhaps > "read:experienced?") individual. Some hard data and discussion would be > interesting to me. > On Jul 19, 2012 4:34 AM, "Drsolly" <[email protected]> wrote: > > > Funsec isn't a representative sample of people. > > > > On Thu, 19 Jul 2012, Kyle Creyts wrote: > > > > > I am part of the 1%. > > > On Jul 19, 2012 2:31 AM, "Drsolly" <[email protected]> wrote: > > > > > > > If someone can't be bothered to write their thoughts down, and require > > me > > > > to spend 20 minutes to watch a video giving views that I could have > > read > > > > in one minute, then I'm not going to devote my time to listen to them. > > > > > > > > Since I haven't heard what he has to say, I cannot comment on his > > views. > > > > Except to point out that 99% of people are as interested in computer > > > > security as they are in beetle collecting. And anything that depends on > > > > them being more interested than that, or better informed, is doomed. > > > > > > > > On Wed, 18 Jul 2012, Rob, grandpa of Ryan, Trevor, Devon & Hannah > > wrote: > > > > > > > > > Marc Goodman (who I believe is https://twitter.com/FutureCrimes and > > > > > http://www.futurecrimes.com/ ) gave a recent TED talk on trends in > > the > > > > use of > > > > > high technology in crime: > > > > > > > > > > > > > > > > http://www.ted.com/talks/marc_goodman_a_vision_of_crimes_in_the_future.html > > > > > > > > > > The 20 minute talk is frightening, with very little in the way of > > > > comfort for the > > > > > protection or security side. He ends with a call for crowdsourcing > > of > > > > protection. > > > > > > > > > > Now as a transparent society/open source/full disclosure kind of > > guy, I > > > > like the > > > > > general idea. But, as someone who has been involved in education, > > > > security > > > > > awareness, and professional security training for some time, I see a > > few > > > > problems. > > > > > For crowdsourcing to work, you need a critical mass of at least > > > > minimally capable > > > > > people. When you are talking about a weather reporting app, that > > minimal > > > > > capability isn't much. When you are talking about detecting cyberwar > > or > > > > > bioweapons, the capability levels are a bit different. > > > > > > > > > > Just yesterday the PNWER (Pacific NorthWest Economic Region > > > > > http://www.pnwer.org/ ) conference became the latest to bemoan the > > lack > > > > of > > > > > trained employees. I rather suspect these constant complaints, > > since I > > > > see lots of > > > > > people out of work. But the people who are whining about employees > > are > > > > just > > > > > looking for network admins and such. We need people with more depth > > and > > > > more > > > > > breadth in their backgrounds. I get CISSP candidates in my seminars > > who > > > > are > > > > > network admins who simply want to know a few ACLS for firewalls. I > > have > > > > to > > > > > keep telling them that security professionals need to know more than > > > > that. > > > > > > > > > > Yes, I am privileged to be able to meet a number who *are* > > interested in > > > > learning > > > > > everything possible in order to meet any need or problem. But, > > > > relatively > > > > > speaking, those are few. And my sample set tends to be abnormal, in > > > > that these > > > > > are people who have already shown some interest in training (even if > > > > only job > > > > > related). What Goodman is talking about is the general public. And > > > > those of us > > > > > who have actually tried security awareness know how little conceptual > > > > awareness > > > > > we have to build on, let alone advanced technical knowledge. > > > > > > > > > > I think awareness, self-protection, and crowdsourcing is probably the > > > > only good > > > > > way to approach the problems Goodman outlines. I just worry that we > > > > have a long > > > > > way to go. > > > > > > > > > > http://blogs.securiteam.com/index.php/archives/1793 > > > > > > > > > > ====================== (quote inserted randomly by Pegasus Mailer) > > > > > [email protected] [email protected] > > [email protected] > > > > > On Friday, January 23rd, 2004, in a speech at the World Economic > > > > > Forum in Davos, Switzerland, Bill Gates stated `Two years from > > > > > now, spam will be solved.' > > > > > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links > > > > > http://blogs.securiteam.com/index.php/archives/author/p1/ > > > > > http://twitter.com/rslade > > > > > _______________________________________________ > > > > > Fun and Misc security discussion for OT posts. > > > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > > > Note: funsec is a public and open mailing list. > > > > > > > > > > > > > _______________________________________________ > > > > Fun and Misc security discussion for OT posts. > > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > > Note: funsec is a public and open mailing list. > > > > > > > > > > > > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
