Firewall Wizards mailing list archives
Re: Transitive Trust: 40 million credit cards hack'd
From: "Kevin Sheldrake" <kev () electriccat co uk>
Date: Mon, 27 Jun 2005 11:12:42 +0100
Without wanting to drag this analogy too far...If you only care about your own systems, then outrunning the other guys might work. If you also care about systems that store and process your information, then you might have more of a problem on your hands.
Imagine that it is no longer just your own life that you are worried about, but that of your new born babies (your personal information). Some of these babies get passed to adoring aunties and uncles and, in extreme cases, grandparents, where they are happily looked after. When the machine-gun-wielding army of bears appears on the horizon, you'll still outrun the other guys, but some of your babies might get eaten. To counter this, you need to outrun the bears, outrun the other guys, but also keep tabs on, and protect, all the custodians of your babies.
Changing the state of the industry, so that all people have the opportunity to purchase and wear bear-resistant armour should lower your exposure to bear-related catastrophies.
:) Kev
And you (and others) assume there's only two runners. I still think I'll make an attempt to out run the bear and be as tough a target as I can afford, and hope the bear is smart enough to pursue the easy targets. The point is, don't make yourself the _easy_ target, when there are things you can do that the other (easier targets) aren't doing. When there are enough bears and few targets, everyone will get attacked, but don't lightly toss aside the benefit of making yourself as hard a target as you can afford. Right now, there are still plenty of honey-soaked targets for the bears to enjoy. I'm not necessarily saying this is a completely fail-safe way to secure your environment, but from what I have seen of other environments, at least the honey isn't dripping off you and leaving a trail for the bear to easily follow. Let it drip off the other guy(s). Jeff -----Original Message----- From: Paul Melson The problem with that strategy being, you assume that there's only one bear. PaulM -----Original Message----- True, Marcus, but not everyone _does_ use 2 factor auth. So, at this point, it can be effective. You don't gotta outrun the bear, just the guy next to you. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- Kevin Sheldrake MEng MIEE CEng CISSP Electric Cat (Cheltenham) Ltd _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Transitive Trust: 40 million credit cards hack'd, (continued)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Brian Loe (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- RE: Transitive Trust: 40 million credit cards hack'd Richards, Jim (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Broken Analogies (was: Transitive Trust) Ben Nagy (Jun 21)
- RE: Broken Analogies (was: Transitive Trust) Brian Loe (Jun 21)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin Sheldrake (Jun 30)