Re: [Full-disclosure] Rate Stratfor's Incident Response

[Paul Schmehl <pschmehl_lists@xxxxxxxxx>]

--On January 12, 2012 3:16:19 PM -0500 Benjamin Kreuter 
<ben.kreuter@xxxxxxxxx> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>>
> Really, calling it "breaking in" is a stretch.  You connected a
> computer to a publicly accessible computer network, where anyone can
> send anything to your computer.  If hacking such a system is "breaking
> in," you might as well claim that shouting across your neighbor's yard
> is "breaking in."

Bzzzt.  Bad analogy.  A better one would be noticing your neighbor's garage 
door is open, walking across the street, entering the garage and rummaging 
around in his belongings.

I suspect at least some of your neighbors would take offense to that and 
ask you what you think you're doing.  And if they wanted to press charges 
for trespass, you'd likely go to jail.


> The law is not going to stop the really bad people
> from attacking your system, nor is it going to stop them from profiting
> from whatever access they gain; sending law enforcement after someone
> who reports problems to you accomplishes little and only discourages
> people who might try to help you.
>

Assuming everyone's motives are as pure as the driven snow is a bit naive, 
don't you think?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/