Re: A Tempting Offer for Russian Pair

[InfoSec News <isn () c4i org>]

Forwarded from: Russell Coker <russell () coker com au>

On Tue, 20 May 2003 17:10, InfoSec News wrote:

> Morgenstern hired an expensive security consultant from Silicon
> Valley to respond to the hackers and ordered his systems
> administrators to do a complete analysis of the E-Money systems for
> other vulnerabilities, tasks that he estimates ended up costing his
> company more than $1 million in fees, lost business and new computer
> equipment.

Yes, sometimes it does cost an extra $1M to correctly install a
network to be secure.  Sometimes installing a secure network requires
expensive consultants and better hardware.  Sometimes making things
secure takes longer and you miss some marketting opportunities.

It's what you have to do if you want things to run properly.  
Complaining about being hacked and then having to pay extra to get
security is like complaining about leaving your umbrella at home and
being forced to buy one from an expensive store when a thunderstorm
starts.  There's no point complaining about such things, you knew the
risks, took a chance, and it didn't work out.

Usually when you take a chance on computer security it won't work out.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.