 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Jesse Noller wrote: > > It is the designer's/admin's responsibility to check > these sites for possible vulnerabilities of the software he/she is > installing. To make the excuse "i don't have the time" or "the vendor should > have gave me the patch" is, in and of itself, a denial of responsibility > (What i call the DoR attack, commonly found in extremely large > corporations). Also the corporation's responsibility to ensure that resources are allocated to deal with these matters. It's not fair to place the entire burden on system administrators, who, as I'm sure many can attest, are often overworked and fiscally shortchanged. Make sure you clearly articulate your security (and other) concerns to your corporate officers. And tell them what resources you require to deal with these concerns. It's any systems administrator's burden to make sure their employers are adequately educated. It is then the employer's burden to prioritize the allocation of resources. Ideally, we would all just see a problem and solve it. Unfortunately, sometimes you also have to just make sure you cover your ass. -Ron- - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
