I agree that during POC you may have to let your guard down once in a while just to get things done pronto but if you're the foremost IT agency of the government and your idea of security is a joke, it's unthinkable.
On Mon, Apr 13, 2009 at 7:15 PM, Orlando Andico <[email protected]>wrote: > In my experience working inside a Huge Closed Source corporation and > dealing with government: > > The reason why this is so, is because government agencies have a > budget to pay the Huge Closed Source corporation. And for this budget, > they expect the drones of H.C.S. (that's me!!) to do everything for > them. > > Repeat this for many, many years (remember, government agencies WANT > to use up their IT budget every year, otherwise it gets cut) and so > you have folks who are more of PM's (e.g. they kick the butts of the > technical / support / consulting people from vendors) than hands-on IT > types. > > and I have to tell you guys: when I do a demo / PoC, even though I > know better, in the interests of getting things done, more often than > not I do the ff: > > /sbin/iptables -F > /usr/sbin/system-config-securitylevel (and then turn off SELinux and > the firewall) > > I tell myself, the system is behind a system-wide firewall anyway... > > > > On Mon, Apr 13, 2009 at 1:31 PM, Cocoy Dayao <[email protected]> > wrote: > > > > On 04 13, 09, at 1:15 PM, jan gestre wrote: > > > >> Even the much acclaimed/maligned CICT employs incompetent people, > >> we're able to login to their MySQL database running on Fedora that > >> has no root password, imagine that! sighhh > >> > > > > You don't suppose Homer Simpson is running their box? > > > > -- > Orlando Andico > +63.2.976.8659 | +63.920.903.0335 > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- http://jangestre.wordpress.com
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
