Mitnick is a security expert. I don't have much respect for the guy, and his
reputation is more hype than reality, but he's still an "expert" every much so
as others who call themselves "security expert".
Just because you go around telling people be secure doesn't make you an expert.
Any dunce can tell you to "safen up" (to quote Homer Simpson). What takes
expertise is recognizing when marginal costs exceed marginal benefits. If
inconsequential systems never get hacked, then chances are good that you are
spending too much securing them. In Mitnick's case, since nothing consequential
was affected, it means that he's not overspending on securing his upstream DNS.
The only consequence is reputation loss, although the opposite consequence is
free publicity, so it may be a net benefit.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
