Re: [fw-wiz] concerning ~el8 / project mayhem

From: Paul D. Robertson (
Date: 08/19/02

From: "Paul D. Robertson" <>
To: Barney Wolff <>
Date: Mon Aug 19 09:10:01 2002

On Sun, 18 Aug 2002, Barney Wolff wrote:

> A "recognized security expert" is going to be a target. Price of fame,
> and all that. Would you trust an overweight cardiologist?

Personally, I wouldn't evaluate a cardiologist based on their weight, but
on how well they knew cardiology.

There's an old saying- "The cobbler's children have no shoes" which isn't
explained off by saying that the cobbler makes shoddy shoes- but that he's
too busy making shoes for others to have produced them for his own

Having the data is different than knowning how to evaluate it. Without
knowning a cardiologist's skills in cardiology picking metrics and basing
an evaulation on them is like choosing a firewall based on the
colo[u]r of its box.

Let's say said cardiologist spent so much time studying cardiology that
she didn't get any exercise- would you really dismiss her over a skinny
cardiologist who spent all his time running marathons and very little of
it studying cardiology? What if our esteemed overweight cardiologist had
gland problems- is that a reason to disqualify her as a cardiologist?
What if our unesteemed underweight cardiologist had a drug problem- would
you still choose him first?

Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact." Director of Risk Assessment TruSecure Corporation