On Fri, 2003-08-29 at 19:13, [EMAIL PROTECTED] wrote: > On Fri, 29 Aug 2003 14:46:32 PDT, morning_wood said: > > >And has it occurred to you that *MAYBE* his "high paying job" would > > >be more productive if he wasn't spending most of his time having to deal with > > >people breaking in, either proactively or reactively?? > > > > that is his job > > You're totally missing the point. > > If I'm doing security 30 hours a week, that's 30 hours a week I'm not available > for other things. >
??? uh, the extended coffee breaks? > That's 30 hours I'm not spending helping do network performance tuning for the > mail server. I'm sure the 70,000 users of the mail server would prefer that > I was able to do that instead. > You mean... Member of the Exchange server mop & broom crew? > That's 30 hours I'm not spending designing a new, more featureful print > management system. I'm sure the people who get print jobs that we need > to keep running (accounts receivable, invoices, purchase orders, etc) would prefer > I was able to do that instead. > Your printer says it needs white toner. > That's 30 hours I'm not spending diagnosing compiler and kernel bugs. I'm sure > the researcher who has a $2M grant project dead in the water would prefer I was > able to do that instead. > > That's 30 hours I'm not spending working on a way to migrate users from Windows to > Linux. > I'm sure the people who are looking at a $500K/year bill for Microsoft licenses (and > want > a way to save money) would prefer I was able to do that instead. > > That's 30 hours I'm not spending deploying a new release of Listserv that has > features that my users are asking for. I'm sure that many of the users on our > 6,023 lists would prefer I was able to do that instead. > > You starting to see a pattern here? > Jack of all trades? > And yes, those are *ALL* things that are *part of* "my job". Many of them are > things I'd enjoy doing more. All of them are things that would provide more *direct* > benefit to my site than "doing security". > > And you can't weasel out by saying "Hire somebody else to do that other stuff" or > "hire somebody else to do security" - the point is that if we did hire somebody else, > then we'd only have 1 person of the 2 available for productive work. If we didn't > have to keep spending resources on security, BOTH people would be available then. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
