Have a laugh on me...

[dimitrios at gmail.com (Dimitrios Kapsalis)]

I'd take this guy for coffee to Starbucks. set up wireshark and show him
what can happen.

On Mon, Oct 12, 2009 at 2:42 PM, Vincent Lape <vlape at me.com> wrote:

> document your conversation with "top buy" create a report stating the
> issue and remediation recommendations and just wait till it gets
> pwned. Once customer data is out there in the wild im sure they will
> have a different outlook on the issue. Just make sure you CYA so "top
> guy" doe snot come back and say hey that dude was responsible to
> fixing that problem.
>
>
> On Oct 12, 2009, at 10:24 AM, Soft Reset wrote:
>
> > Without spilling details, I told the IT team to remove an exposed
> > web portal from the internet as it was not SSL protected and the
> > password was easy enough to be found in my kid's "My First
> > Dictionary".  This is the response I got back from our "top guy":
> >
> >  "Many people need access to the web portal.  Remember that one of
> > the objectives is to develop a strategy
> >   for the customer. Easier access, not harder, should be the goal."
> >
> > I laughed.  How about you?
> >
> >
> > --SR6
>  > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091012/114349ec/attachment.htm