[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Learn from history?

To: Alerta Redsegura <alerta@xxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Learn from history?
From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Date: Mon, 10 May 2004 16:50:16 +0200 (CEST)

On Mon, 10 May 2004, Alerta Redsegura wrote:

> When we talk about risk, we are already taking into account the odds of the
> event happening:
>
> R = E x p
>
> Where:
>
> R = Risk
> E = event
> p = probability of the event happening

If we must toy with bogus marketspeak "equations", shouldn't E - at the
very least - numerically correspond to the consequences (loss?) caused by
an event, rather than being an event itself?

Otherwise, my risk R of getting a bar of chocolate from a stranger is
0.001 * getting_chocolate_bar_from_stranger.

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2004-05-10 16:47 --

   http://lcamtuf.coredump.cx/photo/current/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Learn from history?
  - From: Alerta Redsegura
- Re: [Full-Disclosure] Learn from history?
  - From: James Riden
- RE: [Full-Disclosure] Learn from history?
  - From: Steffen Kluge

References:
- RE: [Full-Disclosure] Learn from history?
  - From: Alerta Redsegura

Prev by Date: Re: [Full-Disclosure] iDEFENSE: Security Whitepaper on Trusted Computing Platforms
Next by Date: Re: [Full-Disclosure] iDEFENSE: Security Whitepaper on Trusted Computing Platforms
Previous by thread: RE: [Full-Disclosure] Learn from history?
Next by thread: RE: [Full-Disclosure] Learn from history?
Index(es):
- Date
- Thread