Security Basics mailing list archives
Re: Would you bet your life on your security?
From: simon <simon () snosoft com>
Date: Thu, 02 Oct 2003 17:41:02 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Neat,I am very happy that I am getting as much input and feed back as I am. I even appreciate the below message where Ranjeet is telling me that I am being unprofessional, we all have our opinion... but who are we to judge?
I'll respond in a few sections here, so please tolearte the choppy email. "I'm pretty new to security, but this is discouraged by the ISECOM in their most current Open Source Security Testing Methodology Manual, p. 18, "2. The offering of free services for failure to penetrate or provide trophies from the target is forbidden"Let me make this very simple for you. If you bring your car into a shop and they find no problems do you want to pay for a brake job, and new ball joints? If we find vulnerabilities then we will help you fix them. If we don't, then you haven't spent a dime. What you seem to be proposing is that you spend money regardless of the work done? Hey, send some checks my way...
Moving on...
Actually, no respectable professional really advertizes his/her services in a forum where other professionals are reading/teaching/learning
I'm sorry if I've offended you. So far you seem to be the first person thats been offended by this. So tell me, why don't "respectable professionals" send helpful offerings to mailing lists? I'd be very interested in understanding your reason.
unless its something specially setup for the purpose of advertizing one's needs/wants e.g. the security-jobs mailing list. I think that's standard etiquette for mailing lists.
On these grounds, I find Simon's advertizing pretty unprofessional - despite the solid reasons (or FUD ?) given as to why insecure networks can cause a financial liability. I wish he had chosen a more objective and less FUD approach. Right subject matter, wrong approach - IMHO.
I am sorry that you find the post unprofessional, but again, thats not really important. What is important is that what I wrote was 100% factual and true. Our services are also highly effective, 100% factual, and 100% true. Why? Well thats simple. If we work with facts and not FUD or hype, then we are offering our clients the best possible solutions. Whats wrong with that?
But to object on the grounds that 'ISECOM' forbids it is difficult to understand. The word 'forbid' is too strong, dont you think ? How can you 'forbid' anyone from doing legal things in a free country ?? esp. considering the 'stubborn' profile that most people from the infosec industry have!! (by stubborn I mean it in a good sense, i.e. you have continued banging your head against the wall till you understood things, while others would have walked away from the challenge and taken on less demanding jobs).
I think the word that you are looking for is persistent: per·sis·tent adj. 1. Refusing to give up or let go; persevering obstinately. Hope this helps...- -- Regards,
-simon- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/fJtuf3Elv1PhzXgRAiQEAJ9UHtk1UKIMnOnWxtNbKX7V4b+oiQCdEm4o UyveEiQE6c29nYmeZhqdNfc= =v36c -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Would you bet your life on your security? simon (Oct 01)
- Re: Would you bet your life on your security? Jimi Thompson (Oct 10)
- <Possible follow-ups>
- Re: Would you bet your life on your security? Eric Brown (Oct 02)
- RE: Would you bet your life on your security? David Gillett (Oct 02)
- Re: Would you bet your life on your security? simon (Oct 06)
- Re: Would you bet your life on your security? Ranjeet Shetye (Oct 02)
- Re: Would you bet your life on your security? simon (Oct 02)
- Re: Would you bet your life on your security? David Moisan (Oct 03)
- RE: Would you bet your life on your security? David Gillett (Oct 03)
- RE: Would you bet your life on your security? David Gillett (Oct 02)
- RE: Would you bet your life on your security? MacDougall, Shane (Oct 03)
- RE: Would you bet your life on your security? MacDougall, Shane (Oct 03)
- RE: Would you bet your life on your security? David Gillett (Oct 06)
- Re: Would you bet your life on your security? simon (Oct 06)
- RE: Would you bet your life on your security? David Gillett (Oct 06)