Re: [fw-wiz] iso 17799

From: Bennett Todd (
Date: 07/19/04

  • Next message: The Anarcat: "Re: [fw-wiz] More Syslog Questions"
    To: "J. Oquendo" <>
    Date: Mon, 19 Jul 2004 19:20:02 +0000

    2004-07-19T18:30:26 J. Oquendo:
    > Financial management and reporting have a lot of credibility? I'm
    > sure [one of the recent newsorthy villains] would have loved you.

    The folks designating Best Practices in financial reporting have a
    lot of credibility, was what I said. That's folks like the FASB.
    Folks who fail to follow them, or hunt for loopholes in them that
    require patching, understandably don't share that credibility. I
    tried to write to make clear which I was referring to, apparently I

    > Anyway, computer science maturing has little to do with compsec
    > from my point of view [...]

    Understandably, there's no reason to hope we'll be alive when it
    begins to happen. We gotta do computer security now, even though
    we're having to make it up as we go along.

    > Best practices should be used as somewhat of a guideline, [...]

    Well, after a fashion. Best Practices, in the context of computer
    security, should be used as a touchstone for the ignorant and/or
    fraudulent, trying to pretend that their field is sufficiently
    mature to have something analogous to Best Practices.



    firewall-wizards mailing list

  • Next message: The Anarcat: "Re: [fw-wiz] More Syslog Questions"