Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Fwd: n3td3v has a fan
From: n3td3v <xploitable () gmail com>
Date: Thu, 10 Apr 2008 18:36:44 +0100

On Thu, Apr 10, 2008 at 5:27 PM,  <Valdis.Kletnieks () vt edu> wrote:
On Wed, 09 Apr 2008 19:53:44 BST, n3td3v said:

 > It highlights what i've been saying for _years_ about never trusting
 > your employees, and you've got to patch your offline machines as fast
 > as your online ones.

 Hate to burst your bubble, but insider threats have been understood as an
 issue since well before you were born.

Side note:

So has the concept of security threater, but that doesn't stop Bruce
Schneier talking about it in essays
http://www.schneier.com/essay-155.html and at security
http://www.news.com/8301-10784_3-9915030-7.html conferences.


Inside threat:

The new skool has got to keep talking about it and evolving how we
respond to it.

Offline patching isn't taken as seriously as online patching, one day
that will change.

Valdis, you confuse me, are you saying we shouldn't discuss and evolve
how we respond to the insider threat because its already been

That makes no sense, because we didn't have cyber terrorism back when
your quote is from, so circumstances of the inside threat change and
we've got to talk about how to counter new emerging threats which come
under the old age insider threat bracket.

I had respect for you once a upon a time Valdis, don't make that change.

As far as I know a security threat is never completely conquered and
has to be continually re-evaluated all the time.

So valdis, should no one talk about insider threat again because its
been invented already?

Has someone hijacked Valdis e-mail today???

All the best,


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]