Date: Mon, 22 Jun 2009 11:39:21 -0400 From: alexus <alexus@gmail.com> To: Bill Moran <wmoran@potentialtech.com> Cc: Gary Gatten <Ggatten@waddell.com>, freebsd-questions@freebsd.org, prad <prad@towardsfreedom.com> Subject: Re: backdoor threat Message-ID: <6ae50c2d0906220839y1f9431aeg2646578b2a87a248@mail.gmail.com> In-Reply-To: <20090622113610.422cab85.wmoran@potentialtech.com> References: <20090619111234.6883afd2@gom> <20090619143935.6c28be98.wmoran@potentialtech.com> <20090619183535.006433d1@gom> <20090622085952.9ef38eab.wmoran@potentialtech.com> <70C0964126D66F458E688618E1CD008A0793F062@WADPEXV0.waddell.com> <20090622113610.422cab85.wmoran@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 22, 2009 at 11:36 AM, Bill Moran<wmoran@potentialtech.com> wrote: > In response to "Gary Gatten" <Ggatten@waddell.com>: > >> OK - this thread is scaring me. Anything that involves a "backdoor" >> threat is very concerning - I keep looking over my shoulder to make sure >> no one is sneaking up on me! > > My job here is done ... > > In my experience, most people don't take the steps necessary to really > secure their systems. But it's all a tradeoff. If I'm running an online > banking site, then I'm going to go all out to ensure that all the required > steps are made to secure the system, otherwise I'm not going to stay in > business very long. > > But if I'm selling ringtones over the internet, or running a site for flash > games that makes money off banner ads, how diligent should I be? I mean, > if someone breaks in, how much do I lose? I'm not storing anyone's credit > card numbers, so I just have to deal with a couple days of downtime while > I fix the server. And chances are nobody is going to break into my system > anyway, since I don't have anything worth stealing. > > Of course, the flaw in that reasoning is that while you may not care, the > rest of the internet is getting bombed by the botnet that you've joined > by your carelessness. > > The counter-argument to that is that you can't afford what it would cost > to _really_ secure a system like that. And it's not justified if the > information isn't sensitive anyway. > > So, yes. Keep looking over your shoulder. _Someone_ is sneaking up on > you. > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > I would also try to patch your FreeBSD, bringing it up-to-date -- http://alexus.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6ae50c2d0906220839y1f9431aeg2646578b2a87a248>