Re: Don' see no "security expert's" round here ...

[Robert Graham <robert_david_graham () yahoo com>]

Mitnick is a security expert. I don't have much respect for the guy, and his reputation is more hype than reality, but 
he's still an "expert" every much so as others who call themselves "security expert".

Just because you go around telling people be secure doesn't make you an expert. Any dunce can tell you to "safen up" 
(to quote Homer Simpson). What takes expertise is recognizing when marginal costs exceed marginal benefits. If 
inconsequential systems never get hacked, then chances are good that you are spending too much securing them. In 
Mitnick's case, since nothing consequential was affected, it means that he's not overspending on securing his upstream 
DNS. The only consequence is reputation loss, although the opposite consequence is free publicity, so it may be a net 
benefit.






      
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.