Full Disclosure mailing list archives

Re: [SPAM] Re: [Full-Disclosure] Full-disclosure Posts


From: xploitable <xploitable () gmail com>
Date: Mon, 18 Oct 2004 09:03:03 +0100

On Mon, 18 Oct 2004 07:23:56 +0200 (CEST), Hugo van der Kooij
<hvdkooij () vanderkooij org> wrote:
Companies do not care about security. The CEO only works with numbers. If
bad security loses 100k per month but tightening things up loses 105k per
month on productivity they take the 5k per month profit regardless of who
is doing security and leave it open.

It has very little to do with attitude on the security staff. If you want
to work corporate you need to understand corporate thinking.

Taking simple countermeasures to prevent damage from things like a
Slammer Worm are laughed at until they get hit and lose 2 days worth of
business. Then they start screaming to get it installed yesterday.

You do not have to like it but that is the sad state we are in.

Hugo.


It stinks and I wish it would change. I guess it never will and corps
will choose money over security, but still look surprised every time
Yahoo! gets hacked in one way or another, but will still insist to
journalists that they were doing everything they could for security.

Don't trust the hype and corporate smart talk, the reality is far grimmer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

