On Sat, 12 Mar 2005, J.A. Terranson wrote: > Critical infrastructure serves us ALL, and must be first on the fix wagon.
There should be no serious vulnerabilities in the "critical infrastructure" in the first place. If the infrastructure is really critical, i.e. its failure would kill people, then every time a serious vulnerability is found, one of the responsible PHBs should be shot. (This is the way they are already doing it in China, isn't it?) Vendors, to be able to demonstrate how serious they are when their PR says their products are absolutely secure, may offer a service to sacrifice one of their own PHBs instead of the client's one. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
