Question on the state of the security industry

Steve Furlong sfurlong at acmenet.net
Wed Jun 30 16:28:35 EDT 2004


On Wed, 2004-06-30 at 06:49, Ian Grigg wrote:

> Here's my question - is anyone in the security
> field of any sort of repute being asked about
> phishing, consulted about solutions, contracted
> to build?  Anything?

Nothing here. Spam is the main concern on people's minds, so far as I
can tell. Please note, though, that I'm not specifically a computer
security consultant but rather a broad-spectrum computer consultant who
does some security work and a private security guy who does some
computer work.

Topical anecdote: my last full-time but short-term consulting* gig was
at a bank. You know, money and stuff. Computer security in the
development shop consisted of telling the programmers to run NAV daily.
They used Outlook for email, with no filters on incoming mail that I
could track down. I did some minor testing from my home system. Didn't
send myself any viruses, but I did send a few executable attachments.
They all made it through.

* Not really consulting. They wanted a warm-body programmer, and not
only ignored the process improvement suggestions I was putatively hired
to provide, but seemed offended that I had suggestions to make at all.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list