On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote:
> > So we need to see a "Choicepoint" for listening and sniffing and so
> > forth.
> No, we really don't.

Perhaps we do - not so much as a source of hard statistical data, but
as a source of hard pain.

People making (uninformed or ill-considered, despite our best efforts
to inform) business and risk decisions seemingly need concrete
examples to avoid.

Its depressing how much of what we actually achieve is determined by
primitive pain response reflexes - even when you're in the beneficial
position of having past insistences validated by the pain of others.

> The day to day problem of security at real financial institutions is
> the fact that humans are very poor at managing complexity, and that
> human error is extremely pervasive. I've yet to sit in a conference
> room and think "oh, if I only had more statistical data", but I've
> frequently been frustrated by gross incompetence.



Attachment: pgppCusu69AQW.pgp
Description: PGP signature

Reply via email to