On Thu, 19 Jun 2003 07:27:03 EDT, "J. Noel Chiappa" said: > The person who's most in denial around here is you - about how definitively > the market has, for the moment, chosen IPv4+NAT as the best balance between > cost and effectiveness. Actually Noel, I think what he's in denial about is the fact that "the market" may not have a *CLUE* on how to properly evaluate the balances. The market has also "chosen" a certain specific MUA for its outstanding ability to balance security and functionality. Note that even upper management of the vendor in question admits that errors were made: "We really haven't done everything we could to protect our customers. Our products just aren't engineered for security." -- Microsoft executive Brian Valentine, on the painful realization that a $100 million, two-month-long codeathon still hasn't fixed the glaring holes in its software, InfoWorld, 5 September 2002 (from http://www.ditherati.net/archive/2002/36/) So should we conclude that "the market" doesn't care a rat's posterior about security? Or should we conclude that it simply didn't realize the size of the exposure and the downstream costs of lack of security?
Attachment:
pgp00277.pgp
Description: PGP signature