Re: [fw-wiz] iso 17799
From: Bennett Todd (bet_at_rahul.net)
To: "J. Oquendo" <firstname.lastname@example.org> Date: Mon, 19 Jul 2004 19:20:02 +0000
2004-07-19T18:30:26 J. Oquendo:
> Financial management and reporting have a lot of credibility? I'm
> sure [one of the recent newsorthy villains] would have loved you.
The folks designating Best Practices in financial reporting have a
lot of credibility, was what I said. That's folks like the FASB.
Folks who fail to follow them, or hunt for loopholes in them that
require patching, understandably don't share that credibility. I
tried to write to make clear which I was referring to, apparently I
> Anyway, computer science maturing has little to do with compsec
> from my point of view [...]
Understandably, there's no reason to hope we'll be alive when it
begins to happen. We gotta do computer security now, even though
we're having to make it up as we go along.
> Best practices should be used as somewhat of a guideline, [...]
Well, after a fashion. Best Practices, in the context of computer
security, should be used as a touchstone for the ignorant and/or
fraudulent, trying to pretend that their field is sufficiently
mature to have something analogous to Best Practices.
firewall-wizards mailing list
- application/pgp-signature attachment: stored