Path: utzoo!attcan!uunet!husc6!uwvax!tank!mimsy!aplcen!aplcomm!stdc.jhuapl.edu!jwm
From: jwm@stdc.jhuapl.edu (Jim Meritt)
Newsgroups: news.sysadmin
Subject: Re: Getting Complacent
Message-ID: <2431@aplcomm.jhuapl.edu>
Date: 14 Nov 88 17:48:01 GMT
References: <44439@beno.seismo.CSS.GOV> <16742@agate.BERKELEY.EDU> <5366@medusa.cs.purdue.edu>
Sender: news@aplcomm.jhuapl.edu
Reply-To: jwm@aplvax.UUCP (Jim Meritt)
Organization: JHU-Applied Physics Laboratory
Lines: 33

In article <5366@medusa.cs.purdue.edu> spaf@cs.purdue.edu (Gene Spafford) writes:
}In article <16742@agate.BERKELEY.EDU> weemba@garnet.berkeley.edu (Obnoxious Math Grad Student) writes:
}>In article <44439@beno.seismo.CSS.GOV>, rick@seismo (Rick Adams) writes:
}>>Does that make it less of a crime?
}>
}>Who cares?  Why is it SO IMPORTANT to have the MORAL HIGH GROUND?  So
}>that you can feel justified about being smug and complacent re security?
}
}1) Rick (and I and others) are hardly smug and complacent about
}security.  We're working on it, and have been working on it, for
}quite some time, although that is not our primary job.  Just
}because we don't tell you and the Usenet about it doesn't mean
}we aren't acting on it.  In fact, considering your behavioral
}aspects, not telling you about anything is an important part
}of a good security program.

From what I have seen, not telling people anything has been a major
component of the system(s) security program.  

Might I submit that that is not a very reliable component - ignorance
can be cured, and I really would not want to be in the position on
depending on it NOT being done so.

Sure, Matt can irritate.  But is he incorrect on the reality of the
situation?  The world is not a nice place.  Wishing it so does no
good.  Fixing it does good.

LET'S GET THAT SECURITY NEWSGROUP UP FOR *U*S*E*R*S*!!!!!
Who do you thing is using the systems?


Disclaimer:  "It's mine!  All mine!!!"   
					- D. Duck