RE: [TSCM-L] Security? Huh!

[InfoSec News <isn () c4i org>]

Forwarded from: matthew patton <pattonme () yahoo com>

> I can only assume the entire Navy is like this. Maybe they should
> make security school a requirement before they send these guys to
> run a network.

I would second this but having been thru what the USAF purports to
call CompSci training hosted at Biloxi, MS we are evermore doomed to
failure. It is from this pool of 'talent' that the USAF relies upon to
staff Lan shop officers. Purhaps the enlisted folk have better
training and can be relied upon to have some measure of clue but I
doubt it. Instead of spending tons of money on debatable security
measures I wish the feds would instead put every last sysadmin thru a
technical boot camp. And pound into their thick brains the absolutely
minimally acceptable security/administrative procedures. That and send
the admins to SANS conferences where they just might realize the world
is a dangerous place and that just because you're gov't or military
doesn't mean your network is invulnerable. Whenever I meet a sysadmin
(contractor or uniformed) that works for the gov't I always assume
they are incompetent until they prove otherwise. And regrettibly the
incompetents far outnumber the clueful.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.