Re: Corporate Information Security Accountability Act of 2003

["Jonathan A. Zdziarski" <jonathan () nuclearelephant com>]

LOL half the publicly traded companies would lose all their shareholders
if they knew what kind of holes their infrastructure has.  The other
half would get hacked by anyone who could read the quarterly reports
complaining about Kazaa ports being open.

And who's going to enforce this? Something to consider, this could mean
that you could face criminal charges if you stated that your network was
secure and an independent audit team belonging to the DOJ proved
otherwise - that'd land a lot of execs in jail (including Gates).  Want
to get your CEO put in jail?  Just open up that telnet port.

On Mon, 2003-11-03 at 15:51, Paul Tinsley wrote:
> Sorry if this has been discussed already, but I figured many of you 
> would find this interesting and possibly disturbing.
>
> http://www.computerworld.com/securitytopics/security/story/0,10801,86455,00.html?nas=PM-86455


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html