RE: Lets Indict All the Lawyers

[InfoSec News <isn () c4i org>]

Fowarded from: Sheri Moreau <akindofmagick () earthlink net>

> Forwarded from: Marjorie Simmons <lawyer () carpereslegalis com>
>
> What if the organization for which you work, and for which you are
> the primary or sole information security person, (or are the
> consultant that designed the systems security), suffers a security
> breach, and the US federal government decides that the breach was
> accomplished by terrorists, and that you are the primary at-fault
> person, and they arrest you because, to them, it looks like you may
> have helped?  (Don't forget the contemporary lawmaking that makes
> hacking a terrorist act -- though the 'terrorist' may be a
> 12-year-old from Lincoln, Nebraska.)  Would you call your lawyer?

We've had this discussion before; it's a philosophical question that
doubtless puzzled King Solomon.

If you leave your car door unlocked and your laptop on the seat, and a
thief takes it, who's culpable? Temptation is a crime worthy of the
death penalty in some countries...  (think: chador)

What will the (1) police (2) lawyers/judge (3) insurance company say
about your laptop loss? Sure, there was a theft, but sheesh--you were
practically asking for it (2 out of 3 will probably say this, and 3/3
will think this, yes?). Does the age of the thief matter? What about
the thief's intent? Was your laptop a target of opportunity, or a
targeted acquisition by a corporate spy?

Scenarios for conjecture:

1. You leave the door unlocked and the laptop in clear view on the
seat and a thief takes it

2. You leave the door unlocked and stuff the laptop behind the seat
and a thief takes it

3. You lock the door and hide the laptop in the trunk and a thief prys
up the trunk lid, or breaks a window and pushes the trunk release
button and takes the laptop

4. You get real tired of replacing laptops, so you lock the door (or
maybe not) and hide a fake laptop in the trunk with an explosive paint
device that allows you to track the unauthorized intruder.

and so forth.

It's been said before: Security is everyone's responsibility. Protect
your interests.

My two cents.

Sheri
akindofmagick () earthlink net



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.