Security Basics mailing list archives
RE: A reminder that security is not inherently solvable with tech nology
From: Ranjeet Shetye <ranjeet.shetye2 () zultys com>
Date: Tue, 28 Oct 2003 15:25:01 -0800
On Tue, 2003-10-28 at 03:01, Jack Solomon wrote:
On Fri, 2003-10-24 at 19:02, Hagen, Eric wrote:The fact is that in the US, an individual would likely be arrested for even threatening to release this information. The problem with the countries overseas is that US laws, especially the privacy laws, are virtually unenforcable. While the activity of releasing that information it illegal in the US, it is not usually illegal in another country, therefore, even if the individual released that information while residing in his native country, his actions would be entirely lawfull, and even under extradition treaties, the US would have little or no recourse in sequestering that information, which is a huge problem. Just my 2c. EricMy 2 pennies... I find it interesting that you consider unenforceability of US laws across the rest of the world a problem. Whether North America grasps it or not, it is part of a larger community. Over here in the UK we have a very good legal system. We've got legislation too, including the Data Protection Act and the Computer Misuse Act. It is illegal to disclose private information in the UK and this is regularly enforced, both through civil actions and criminal prosecutions. Believe it or not, the world outside of the US is not comprised of backward third-world countries. Of course, it is not a good idea to outsource your banking operation to fraud-centres like India, but don't loose sight of the fact that when the US does business with the rest of the world, its citizens and their businesses are protected by something invented in Europe about a thousand years ago, International Law.
Couldn't let this idle chatter just pass by. Why do you think it is NOT a good idea to outsource fraud-centres to India ?? Any concrete evidence ? In fact w.r.t fraud/corruption, let me see... http://www.expressindia.com/ie/daily/20001011/ina11004.html Former Indian Prime Minister is sentenced to jail (under Prevention of Corruption Act) for bribery and fraud. (and this was NOT a political vendetta - before you come up with excuses like that). On the other hand, Nixon was given a pardon. Why ? Please show me Clinton doing jail time for perjury, or Cheney doing jail time for the on-going Haliburton-Iraq multi-billion dollar charade. Or Reagan in the slammer for Iran-Contra. What about someone from the White House going to jail for unveiling the CIA operative ? Or Bush's daughters doing time for repetitively using false IDs to obtain alcohol illegally ? (http://www.sptimes.com/News/060501/Floridian/One_press_secretary__.shtml to see how the White House stonewalled all queries) Heck forget all this. Just put Henry Kissinger on trial for his various genocidal schemes (The Trial of Henry Kissinger by Christopher Hitchins) and I'll consider that fraud/corruption at the high echelons gets tackled in the West. Or extradite Union Carbide ex-CEO Warren Anderson for his criminal behaviour in the Bhopal gas tragedy - the world's largest industrial disaster. Or consider the case of top management in Enron and SCO profitting on their worthless stock. Or what about Martha Stewart or O.J. Simpson actually serving time ? You've got your own prejudices about western governments/corporations being less corrupt and less stupid. That's quite true at the lower government/corporate levels but not necessarily at the higher levels. Coming back to fraud from the technical perspective: If you mention an unstable electricity infrastructure as a reason to avoid outsourcing, that's very valid. But you haven't given any reason to back your claim that fraud centres should not be based out of India. In fact, if you really want to quantify technical excellence, 44 of the world's 60 SEI level 5 centres are in India. To the point where Huawei (a Chinese router company) has its only SEI level 5 centre based in India. So in terms of pure merit, skills, and capability, I dont see why one should not base a technology centre in India. And if fraud-analysis / cyber-forensics is one of those technologies, so be it. $0.02,
Regards Jack _________________________________________________________________ It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
-- Ranjeet Shetye Senior Software Engineer Zultys Technologies Ranjeet dot Shetye2 at Zultys dot com http://www.zultys.com/ The views, opinions, and judgements expressed in this message are solely those of the author. The message contents have not been reviewed or approved by Zultys. --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- RE: A reminder that security is not inherently solvable with tech nology Jack Solomon (Oct 28)
- Re: A reminder that security is not inherently solvable with tech nology Meritt James (Oct 28)
- RE: A reminder that security is not inherently solvable with tech nology Ranjeet Shetye (Oct 29)