On Fri, Mar 14, 2008 at 04:53:01PM -0500, John C. A. Bambenek, GCIH, CISSP wrote: > Since when did the requirement of 100% success become the bar that must be > crossed for any policy? If you really believed 100% effectiveness was > required before anything was initiated, we'd have to give up on information > security all together.
I don't regard this (censorship of web sites at DIA) as even partial "effectiveness": I regard it as 100% failure, since it attempts to solve the wrong problem in the wrong way for the wrong reasons. And their accompanying poorly-reasoned explanation clearly indicates that they don't realize any of this. I'm not surprised. When the "for the children" drum beats, rational thinking is quickly drowned out. The inevitable result of this is that actions which actually *could* benefit children are passed over in favor of those which merely *look like* they benefit children. Then: applause, vacuous self-congratulations all around, rinse, repeat. ---Rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
