Re: [ISN] Security exec picked for board

From: InfoSec News (isnat_private)
Date: Mon Jan 14 2002 - 01:08:55 PST

  • Next message: InfoSec News: "[ISN] Linux Advisory Watch - January 11th 2002"

    Forwarded from: Ejovi Nuwere <ejoviat_private>
    Interesting comments. Please see mine below.
    > Interesting that all "Security Expert"  believe that just because
    > one is placed in a position of authority, or selected for
    > responsibility that one must think and behave as they do.
    Sorry, I don't understand what you mean.
    > My concern is not where the individual cut his teeth but, what
    > will that individual bring to the table.  When I hear the banter
    > that is generated by, "security experts" regarding the lack of
    > concern of AOL, or MS or even the repetitive US Government
    > Receives Failing Grade In Information Security or labeling federal
    > international statutes irrelevant cause they don't see it the way
    > you do.  I see you whipping them but, I do not see you offering up
    > your 100,000 plus consultant job to fix the problem.
    I'll give up my job for a position that could affect government policy
    in regards to IT or Security at the drop of a dime. Why must we
    question the integrity of those who object to government choices? When
    someone takes a public position in the government they open themselves
    up to scrutiny. I find the questioning of a appointee's credibility
    essential to the progression of government policy. Don't we question
    the Presidents credentials and relationships with large corporations?
    What if Larry Wall was appointed "Head of National Identification
    Systems" would we not question this choice?
    Like many people on this mailing list the appointment of a former
    Microsoft executive to a government position effecting policy and
    security worries me. Not only because of Microsoft's history in
    regards to security but because he was an executive at the largest
    software company in America. A company that spends untold amounts of
    money on lobbying, a company entrenched in legal and anti-trust
    battles with the government still to this day. Does no one else see
    the conflict of interest here?
    > My 25 Years of experience has shown me that money doesn't solve
    > issues people do. As security experts we should be providing
    > assistance and recommendations to those desiring to better our
    > environment.  More productivity is wasted in whining than in any
    > other arena.
    There are people who currently provide such assistance, have you seen ? Or perhaps EFF? I ask of you not to attack
    those who speak out. What we need is for people to whine, kick, scream
    and cry every time we see something wrong. It is our duty as members
    in this community to do so. I may not have 25 years of experience, but
    I've spent my entire career focused on IT Security, and most of my
    life in local politics. And I know that its the voice of the people in
    public forums that make change, forums like this. For this reason I
    predict nonsense such as DMCA will be modified for the better of the
    security community within the next five years. Because of public
    I may not be a CISSP but I can spot a possible vulnerability from a
    mile away.
    This new appointee may surprise us, he may do a great job, in which case 
    he will have my fullest support. But now he must prove himself. Until 
    then I'll remain skeptic.
    Ejovi Nuwere
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Jan 14 2002 - 06:48:01 PST