To be fair, the idea that your security costs shouldn't outweigh potential harm really shouldn't be controversial. You don't spend a billion dollars to protect a million dollars worth of product.
That's hardly trolling.

On Wed, Oct 10, 2018 at 10:54 AM Naslund, Steve <snasl...@medline.com> wrote:
>
> Mr Herrin, you are asking us to believe one or all of the following :
>
> 1. You believe that it is good security policy to NOT have a default DENY
> ALL policy in place on firewalls for DoD and Intelligence systems handling
> sensitive data.
>
> 2. You managed to convince DoD personnel of that fact and actually got them
> to approve an Authorization to Operate such a system based on cost savings.
>
> 3. You are just trolling to start a discussion.
>
> The reason I asked what system it is would be to question the authorities at
> DoD on who and why this was approved. If you don't want to disclose that
> then you are either trolling or don't want anyone to look into it. It won't
> be hard to determine if you actually had any government contracts since that
> is public data. There are very few systems whose EXISTENCE is actually
> classified, but you were the one that cited it as an example supporting your
> policy. If you cannot name the system then it doesn't support your argument
> very well does it. Completely unverifiable.
>
> In any case I believe the smart people here on NANOG can accept or reject
> your security advice based on the factors above. I'm done talking about this
> one.
>
> Steven Naslund
>
> >> Want to tell us what system this is?
>
> >Yes, I want to give you explicit information about a government system
> >in this public forum and you should encourage me to do so. I thought
> >you said you had some skill in the security field?
> >
> >Regards,
> >Bill Herrin
>

--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0