Thursday, July 20, 2006

On Obvious II

Here is a perfect addition to my collection of "obvious=stupid" in our security realm. Quoting from RationalSecurity blog:

"The first of many 'Captain Obvious' quotations oft times contradicted further on in the article to fill up the word count:
* But it was the critical holes that caught most security experts' and managers' attention. [!-hmm, I wonder why]
* Anything that is ranked as critical and allows an attacker to take control of a system is very high priority [!-they should have said 'everything critical is of critical priority. duh!]
* An anonymous user from outside could deliver malicious traffic [!-wow, this is serious, guys]
* I wouldn't be surprised if you saw an exploit being publicly released tonight or tomorrow ..."

The source of this is - oh, horror - DarkReading, which is otherwise high quality!

1 comment:

Anonymous said...

Anton:

Firstly, I don't know how I haven't found my way to your blog before, but I'm glad you left a comment on my blog because it brought me here.

I'm glad to see that someone else -- even on the "darkside" of vendorship -- isn't afraid to step up and call it like it is.

Our industry has reached a point on the stupidity continuum that even I am having a hard time fathoming.

Great set of posts. I am sure looking forward to reading "On Obvious MXMXXLCVIII" ;)

Chris
http://rationalsecurity.typepad.com

Dr Anton Chuvakin