wmoran at potentialtech.com
Mon Jun 22 15:36:14 UTC 2009
In response to "Gary Gatten" <Ggatten at waddell.com>:
> OK - this thread is scaring me. Anything that involves a "backdoor"
> threat is very concerning - I keep looking over my shoulder to make sure
> no one is sneaking up on me!
My job here is done ...
In my experience, most people don't take the steps necessary to really
secure their systems. But it's all a tradeoff. If I'm running an online
banking site, then I'm going to go all out to ensure that all the required
steps are made to secure the system, otherwise I'm not going to stay in
business very long.
But if I'm selling ringtones over the internet, or running a site for flash
games that makes money off banner ads, how diligent should I be? I mean,
if someone breaks in, how much do I lose? I'm not storing anyone's credit
card numbers, so I just have to deal with a couple days of downtime while
I fix the server. And chances are nobody is going to break into my system
anyway, since I don't have anything worth stealing.
Of course, the flaw in that reasoning is that while you may not care, the
rest of the internet is getting bombed by the botnet that you've joined
by your carelessness.
The counter-argument to that is that you can't afford what it would cost
to _really_ secure a system like that. And it's not justified if the
information isn't sensitive anyway.
So, yes. Keep looking over your shoulder. _Someone_ is sneaking up on
More information about the freebsd-questions