n3td3v wrote:
On 5/10/06, Juha-Matti Laurio <[EMAIL PROTECTED]> wrote:
threat meters:
Seriously, threat meters are a waste of time and should be scraped by
all.
Hey, I believe it's right to tell someone when they're wrong and give
them credit when they're right... and although I disagree with some of
your conclusions, I have to say that you've got a good point here.
About all that these threat meters do is drum people into action. That
is, deep down, a good thing, but it's something that people should be
careful with. Computers, and in particular computer security, is
something that many people think is magic. An organization that is not
well mitigated and is not vigilant is as likely to get cracked into
during a high threat level as it is at a low threat level... the threat
meters do give people a false sense of security and a false sense of
fear and really do only measure paranoia.
Now, that's not to say that they don't have a use, but like all tools if
it's misused, the results will not necessarily be good. Something to
keep in mind.
-bkfsec
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
