On 8/7/07, Tracy R Reed <[EMAIL PROTECTED]> wrote: > > I have been hanging out on the sdw2003 mailing list recently to get an > idea of how the other half lives. It's a bit like going to explore a > strange foreign country and getting culture shock. One area where I > suspect we differ is in the area of security.
> I would like a few KPLUGgers to review this thread and give me their > opinion on how they would have advised the original poster 1) He felt safe that the thieves didn't know the encrypting software. So why'd he announce to the world what it was? Stealing a safe means the thieves had some level of sophistication. Who's to say they don't know who their security consultant is and they're not monitoring this software list. Or even that they'll get lucky and happen across the list? 2) Long lines. Ugh. 3) The "fantasy/reality" comment was a little smart ass. That must have riled you. 4) I can't believe he even asked whether to advise the customer to worry or not. Number 4 is the biggest culture shock point I saw. I think any Linuxy folk I've ever talked to would have assumed the worst and taken steps appropriate for that. You don't have to tell your client that their data *has* been compromised. Just that you have to *assume* that it has been. -- Todd Walton, HelpDesk -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
