Comments on: 10 Reasons Why IT Security Is Getting Worse Not Better http://www.thevirtualcircle.com/2009/02/10-reasons-why-it-security-is-getting-worse-not-better/ WordPress site Wed, 16 Nov 2011 20:21:06 +0000 hourly 1 By: Bloor Robin http://www.thevirtualcircle.com/2009/02/10-reasons-why-it-security-is-getting-worse-not-better/comment-page-/#comment-508 Bloor Robin Fri, 27 Feb 2009 05:06:45 +0000 http://havemacwillblog.com/2009/02/06/10-reasons-why-it-security-is-getting-worse-not-better/#comment-508 I think perhaps that you're misunderstanding my use of the term "hackers", which I'm using as an equivalent to the term black hats. It is ambiguous in that sense, because some people use it as alternative to the word geek. Nevertheless, the most disturbing part of your comment is "root kits aren't an attack technique." That's a little like saying "bullets don't kill people." Luckily there's no clause in the US constitution that defends the right to promote malware. You obviously don't talk to any CIOs or CSOs. Every one of these I've talked to recently has a deep fear of root kits, some learned from experience. On the vendor side of the game, the story is the same. It's a shame you don't know much about IT security. I think perhaps that you’re misunderstanding my use of the term “hackers”, which I’m using as an equivalent to the term black hats. It is ambiguous in that sense, because some people use it as alternative to the word geek.
Nevertheless, the most disturbing part of your comment is “root kits aren’t an attack technique.” That’s a little like saying “bullets don’t kill people.” Luckily there’s no clause in the US constitution that defends the right to promote malware. You obviously don’t talk to any CIOs or CSOs. Every one of these I’ve talked to recently has a deep fear of root kits, some learned from experience. On the vendor side of the game, the story is the same. It’s a shame you don’t know much about IT security.

]]> By: Um http://www.thevirtualcircle.com/2009/02/10-reasons-why-it-security-is-getting-worse-not-better/comment-page-1/#comment-509 Um Thu, 26 Feb 2009 23:27:35 +0000 http://havemacwillblog.com/2009/02/06/10-reasons-why-it-security-is-getting-worse-not-better/#comment-509 Wow. Where do I begin? How about here: "Even the hacker community thinks Open Source is cool." This a very strange statement. Hackers have long been a part of the Open Source community, for better or worse. Some are positive, contributing members who have uncovered serious problems or developed new tools for security professionals to use. But even more bizarre is this comment: "I've been told that if you know the right hacker clubs you can even get well-designed root kits. That's frightening. The root-kit is the WMD of the malware world." Rootkits aren't an attack technique. They've been around forever. They are not "WMDs", nor are they secret or the domain of hacker clubs. Truth is, the only "frightening" thing here is you're writing about security for public consumption and don't seem to understand it very well. For example, one of the true ways the ground has shifted in the last decade is the proliferation of 802.11, in terms of your "remote hacker" scenario. Access like that would have been a dream come true for your 80s or 90s era hacker. There's other things that really should have made this list in terms of why things are worse now than they used to be. Look, I know you're trying to write a good blog etc., but your take on this stuff is just a little lacking. Let the security folks make the big "10 reasons" pronouncements. Wow. Where do I begin? How about here:

“Even the hacker community thinks Open Source is cool.”

This a very strange statement. Hackers have long been a part of the Open Source community, for better or worse. Some are positive, contributing members who have uncovered serious problems or developed new tools for security professionals to use.

But even more bizarre is this comment:

“I’ve been told that if you know the right hacker clubs you can even get well-designed root kits. That’s frightening. The root-kit is the WMD of the malware world.”

Rootkits aren’t an attack technique. They’ve been around forever. They are not “WMDs”, nor are they secret or the domain of hacker clubs. Truth is, the only “frightening” thing here is you’re writing about security for public consumption and don’t seem to understand it very well. For example, one of the true ways the ground has shifted in the last decade is the proliferation of 802.11, in terms of your “remote hacker” scenario. Access like that would have been a dream come true for your 80s or 90s era hacker. There’s other things that really should have made this list in terms of why things are worse now than they used to be.

Look, I know you’re trying to write a good blog etc., but your take on this stuff is just a little lacking. Let the security folks make the big “10 reasons” pronouncements.

]]> By: 10 Reasons Why IT Security Is Getting Worse Not Better … | OnlineTalkers - Let technology do the talking http://www.thevirtualcircle.com/2009/02/10-reasons-why-it-security-is-getting-worse-not-better/comment-page-1/#comment-510 10 Reasons Why IT Security Is Getting Worse Not Better … | OnlineTalkers - Let technology do the talking Fri, 06 Feb 2009 12:25:10 +0000 http://havemacwillblog.com/2009/02/06/10-reasons-why-it-security-is-getting-worse-not-better/#comment-510 [...] is the original post: 10 Reasons Why IT Security Is Getting Worse Not Better … black, black-hats, india-and-the-10-laptop, internet, it-security, it-trends, january-31, Linux, [...] [...] is the original post: 10 Reasons Why IT Security Is Getting Worse Not Better … black, black-hats, india-and-the-10-laptop, internet, it-security, it-trends, january-31, Linux, [...]

]]>