On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote: > > So we need to see a "Choicepoint" for listening and sniffing and so > > forth. > > No, we really don't.
Perhaps we do - not so much as a source of hard statistical data, but as a source of hard pain. People making (uninformed or ill-considered, despite our best efforts to inform) business and risk decisions seemingly need concrete examples to avoid. Its depressing how much of what we actually achieve is determined by primitive pain response reflexes - even when you're in the beneficial position of having past insistences validated by the pain of others. > The day to day problem of security at real financial institutions is > the fact that humans are very poor at managing complexity, and that > human error is extremely pervasive. I've yet to sit in a conference > room and think "oh, if I only had more statistical data", but I've > frequently been frustrated by gross incompetence. Amen. -- Dan.
Description: PGP signature