Hiring competent people. That's so 20th-century. Get with the program, man!
On Fri, Sep 15, 2017 at 8:51 AM, John McKown <john.archie.mck...@gmail.com> wrote: > On Thu, Sep 14, 2017 at 7:41 PM, Tom Brennan <t...@tombrennansoftware.com> > wrote: > > > John McKown wrote: > > > >> IMO, encrypting data is a very good defense. Another good defense is > >> hiring competent people rather than inexpensive people and giving them > the > >> time to design, code, and test their solutions. I don't have statistics, > >> but many attacks are based on coding errors such as the infamous "SQL > >> Injection" attacks. On the almost hilarious attacks which succeed > because > >> "whomever" didn't bother to configure the security on some piece of > >> equipment, and left the administrator credentials as "admin/admin". Of > >> course, the people & time requirements that I mentioned "cost too much" > >> and > >> "delay time to market". Today's world is based on think up something in > >> the > >> morning, design over lunch, create before dinner, ship the next morning. > >> > > > > Did you mention admin/admin because of this news report, or just > > coincidence? > > > > http://www.bbc.com/news/technology-41257576 > > > That was the reason. I just couldn't remember if it was Equifax or > something else in the news recently; and I was too lazy to double check. > > -- > UNIX was not designed to stop you from doing stupid things, because that > would also stop you from doing clever things. -- Doug Gwyn > > Maranatha! <>< > John McKown > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > -- zMan -- "I've got a mainframe and I'm not afraid to use it" ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
