nanog mailing list archives
Re: Fwd: Dan Kaminsky
From: William Allen Simpson <william.allen.simpson () gmail com>
Date: Thu, 30 Jul 2009 19:42:50 -0400
Valdis.Kletnieks () vt edu wrote:
... Mitnick came out and *said* that he knew the site was insecure, but since no sensitive data was on there, it didn't matter. Presumably the site's monthly cost, convenience, user-interface, and so on, outweigh the effort of occasionally having to recover after some idiot whizzes all over the site. Now, if they had managed to whack a site that Mitnick and Kaminsky *cared* about, it would be a different story...
Remembering those ancient days, it always seemed to me that was Mitnick's usual series of excuses (as in: he was a scapegoat, nobody was physically hurt, their cleanup cost estimates were inflated, et cetera ad nauseum). This just seems like more of the same. I'm not a big fan of throw them in prison and throw away the key, but the fact that his prison sentences (plural) and restitution were so lenient is certainly a factor in the difficulty of convincing LE to take investigation and prosecution seriously. Security consultants that don't practice secure computing on their own sites aren't much more than flacks for hire. http://antilimit.net/zf05.txt Anyway, most of the reading was pretty boring and badly formatted, but it still put a bit of a knot in my intestines.... Are we paying enough attention to securing our systems?
Current thread:
- Fwd: Dan Kaminsky andrew.wallace (Jul 29)
- Re: Dan Kaminsky andrew.wallace (Jul 29)
- Re: Fwd: Dan Kaminsky Randy Bush (Jul 29)
- Re: Fwd: Dan Kaminsky Andrew D Kirch (Jul 29)
- Re: Fwd: Dan Kaminsky Randy Bush (Jul 29)
- Re: Dan Kaminsky Dragos Ruiu (Jul 30)
- Re: Dan Kaminsky Richard A Steenbergen (Jul 30)
- Re: Fwd: Dan Kaminsky Andrew D Kirch (Jul 29)
- Re: Fwd: Dan Kaminsky William Allen Simpson (Jul 30)