Date: Mon, 22 Jun 2009 11:36:10 -0400 From: Bill Moran <wmoran@potentialtech.com> To: "Gary Gatten" <Ggatten@waddell.com> Cc: freebsd-questions@freebsd.org, prad <prad@towardsfreedom.com> Subject: Re: backdoor threat Message-ID: <20090622113610.422cab85.wmoran@potentialtech.com> In-Reply-To: <70C0964126D66F458E688618E1CD008A0793F062@WADPEXV0.waddell.com> References: <20090619111234.6883afd2@gom> <20090619143935.6c28be98.wmoran@potentialtech.com> <20090619183535.006433d1@gom> <20090622085952.9ef38eab.wmoran@potentialtech.com> <70C0964126D66F458E688618E1CD008A0793F062@WADPEXV0.waddell.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In response to "Gary Gatten" <Ggatten@waddell.com>: > OK - this thread is scaring me. Anything that involves a "backdoor" > threat is very concerning - I keep looking over my shoulder to make sure > no one is sneaking up on me! My job here is done ... In my experience, most people don't take the steps necessary to really secure their systems. But it's all a tradeoff. If I'm running an online banking site, then I'm going to go all out to ensure that all the required steps are made to secure the system, otherwise I'm not going to stay in business very long. But if I'm selling ringtones over the internet, or running a site for flash games that makes money off banner ads, how diligent should I be? I mean, if someone breaks in, how much do I lose? I'm not storing anyone's credit card numbers, so I just have to deal with a couple days of downtime while I fix the server. And chances are nobody is going to break into my system anyway, since I don't have anything worth stealing. Of course, the flaw in that reasoning is that while you may not care, the rest of the internet is getting bombed by the botnet that you've joined by your carelessness. The counter-argument to that is that you can't afford what it would cost to _really_ secure a system like that. And it's not justified if the information isn't sensitive anyway. So, yes. Keep looking over your shoulder. _Someone_ is sneaking up on you. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090622113610.422cab85.wmoran>