[PLUG] The lion in Salem

Paul Johnson baloo at ursine.ca
Wed Aug 27 08:20:03 UTC 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Aug 27, 2003 at 07:43:10AM -0700, david pool wrote:
> >No kidding.  I don't work an airport, but still there's questions you
> >just don't ask if you don't want the nth degree.  Like how many of us
> >are on duty or what the coverage is.
> 
> I'm ok with the nth degree, but I think there are two approaches to 
> security. One is to discourage discussion and hope that one's 
> vulnerabilities go un-noticed. The other is to discuss stuff openly and 
> then take the precautions of the best minds available on the subject.

I fully understand that open security is usually stronger security.
That's obvious.  Breaking into a weapons depot *will* be harder than
breaking into an office highrise, and it doesn't take a genious to
point that out.  However, an office tower has a larger, more random
population on a smaller security budget than a prison.

Given that human nature dictates a balance between convienence,
aesthetics and security in an office building, security often gets the
short end of the stick, and there's barely enough money to upkeep an
alarm and surveilence system, much less upgrade either, and hire a
skeleton crew for security, with no money to test out to see if
protocols work to plan.  When you're understaffed, it helps to keep
secrets.  Thank God I don't work under those conditions.

You know, I never really thought about it like this before, but with
how much money Microsoft has and aesthetics and convienence clearly
aren't issues for Microsoft, you think they could do a little better
with their OS's security than an understaffed security detail can do
for an office building.

- -- 
 .''`.     Paul Johnson <baloo at ursine.ca>
: :'  :    
`. `'`     proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/TMwBUzgNqloQMwcRAvzVAKDVJ/4Z4BheR7NNn9B8G7PcLT62UACg14GP
1Ajp35/0NhTQND+LQsAAWDY=
=IAYK
-----END PGP SIGNATURE-----




More information about the PLUG mailing list