Re: [Full-Disclosure] NASA.GOV SQL Injections

[Paul Schmehl <pauls@utdallas.edu>]

--On Saturday, October 18, 2003 1:50 PM -0400 Valdis.Kletnieks@vt.edu wrote:

> On Fri, 17 Oct 2003 10:24:59 CDT, "Schmehl, Paul L" said:
>
> > No offense meant to the fine IT people at NASA, but do you seriously
> > believe that the one-percenters are securing the network?  As opposed to
> > say, figuring out how to land a rover on Mars, how to keep astronauts
> > alive in space, how to overcome the long-term negative effects of zero
> > gravity, etc., etc.???
>
> If the IT people are busy figuring out how to land a rover etc, then:
>
> a) What the f--k are the *scientists* doing?
> b) Who's busy keeping the IT going while the scientists aren't doing the
> stuff the IT people are doing instead of their jobs?

I continue to be amazed at how misunderstood this was.  The post to which I 
was responding suggested that the "one percenters" were protecting the NASA 
network.  My response was that the one percenters would be the scientists, 
working on space projects, not the IT people protecting the network.  Not 
that NASA wouldn't have good or even great IT people, but geniuses work on 
space physics.  They *don't* do the grunt work of securing networks.

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html