Security Basics mailing list archives
RE: A reminder that security is not inherently solvable with tech nology
From: "Hagen, Eric" <ehagen () DenverNewspaperAgency com>
Date: Fri, 24 Oct 2003 12:02:15 -0600
The fact is that in the US, an individual would likely be arrested for even threatening to release this information. The problem with the countries overseas is that US laws, especially the privacy laws, are virtually unenforcable. While the activity of releasing that information it illegal in the US, it is not usually illegal in another country, therefore, even if the individual released that information while residing in his native country, his actions would be entirely lawfull, and even under extradition treaties, the US would have little or no recourse in sequestering that information, which is a huge problem. Just my 2c. Eric -----Original Message----- From: Tsai Li Ming [mailto:mailinglist () ltsai com] Sent: Friday, October 24, 2003 2:26 AM To: security-basics () securityfocus com Subject: RE: A reminder that security is not inherently solvable with technology I would like to point out another side of the story. I would agree that privilege information shouldn't be outsourced. It shouldn't even be outsourced to another company, whether local or overseas. On the other hand, we should bear in mind that off shoring a job does not necessary mean that it is less secure. A disgruntled local employee could do the same thing. What makes a local employee more trustworthy than an offshore worker? You can have the best security in place but it can be compromised by a single employee. Can we ever replace trust with technology? Liming -----Original Message----- From: jm [mailto:jm () mindless com] Sent: 24 October 2003 6:26 AM To: JGrimshaw () ASAP com Cc: security-basics () securityfocus com Subject: RE: A reminder that security is not inherently solvable with technology Very valid points, particularly in the UK as one of the biggest banks, "The world's local bank" has decided to lay off 4500 UK workers to offshore staff to offshore centers in asia. I am based in the Isle of Man, and recently had an conversation with the local Data Protection officer. The new Data Protection Act 2002, implies that countries outside the EU, US, and Australia are considered to not have appropriate protection mechanisms in place, and therefore confidential (personal) information should not be transmitted to anywhere outside these countries. I would be interested in learning if anyone reading the list, has any comments about how the UK/EU/Any legislation permits for the accessing of personal indetifiable information outside these areas in an offshoring type operation? Which would to an extent protect against the incident mentioned on the below URL.... Thanks JM -----Original Message----- From: JGrimshaw () ASAP com [mailto:JGrimshaw () ASAP com] Sent: 23 October 2003 14:50 Cc: security-basics () securityfocus com Subject: A reminder that security is not inherently solvable with technology http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/10/22/MNGCO2FN8 G1.DTL This article was posted on Slashdot today; I believe it speaks volumes. You can defend your network against all known aggressors, and yet this simple common denominator reduces the security threshold to zero. ------------------------------------------------------------------------ --- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_ 031021 ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_0310 21 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_0310 21 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_031021 ----------------------------------------------------------------------------
Current thread:
- RE: A reminder that security is not inherently solvable with tech nology Randy Golly (Oct 24)
- <Possible follow-ups>
- RE: A reminder that security is not inherently solvable with tech nology Gene LeDuc (Oct 24)
- RE: A reminder that security is not inherently solvable with tech nology Hagen, Eric (Oct 24)
- RE: A reminder that security is not inherently solvable with tech nology Paul O'Malley (Oct 27)
- Re: A reminder that security is not inherently solvable with technology Meritt James (Oct 27)
- RE: A reminder that security is not inherently solvable with tech nology Paul O'Malley (Oct 27)