Geeks Guide 2 from Register Books Geeks Guide2 Now the festive period is well and truly over, GG2 is back and returns with not only an IT angle but with an IT guru of an author to boot. This week we’re offering up Bruce Schneier’s latest book, imaginatively titled Schneier on Security, with the usual GG2 40 per cent discount. …
Always the users
the irony is the security tools are now being used by the crackers to leverage advantage.
And how many times do you see a security consultant advise a course of action that is just the same as cracking.
There is no money in being the good guy in security at the coal face, better to just respond to the problems, or comment on them.
@AC - I don't think I understand your accusation. Are you saying you've heard security consultants saying something like, "The best way to protect your e-commerce site is to break in yourself and steal all the money/goods/credit card numbers, before the bad guys do!" Reminds me of the story about the business executive worried that there was a 1/1000 chance of someone taking a bomb onto his flight, his advisers told him to take a bomb himself, the chances of two bombs on one flight being only 1/1000000.
One problem is users not thinking securely, another is managers looking for a quick technological fix. Recent case: staff not listening to a doorphone before opening the door from their desks. Manager's request: install a camera so staff can see the visitor from their desks. My response: expensive solution that doesn't work, why will they look at the screen when they don't bother to listen? Cheap alternative: disable the open door from desk feature. Staff have to walk to the door and meet the visitor. Also, train the staff better, encourage them to think that security is part of their job.
Mine's the one with the meaningless "employee ID'" badge, and the list of executive's pet's names in the pocket.
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- 20 Freescale staff on vanished Malaysia Airlines flight MH370
- Neil Young touts MP3 player that's no Piece of Crap
- Review Distro diaspora: Four flavours of Ubuntu unpacked
- Sysadmins and devs: Do these job descriptions make any sense?