This is the real concern
on
Today's SCO News
·
· Score: 5, Insightful
I was at a meeting yesterday with 60 or so Security and IT leaders from around our city. One of the items being discussed was the use of OSS. The general consensus of the non-techie leaders was that they would steer away from OSS when things like SCO were going on. The more technical leaders were trying to explain some of the issues, but that largely fell on deaf ears.
This entire issue has nothing to do with the code. It doesn't matter when SCO release the "offending" code or if the code is really an IP infraction or not. Most people's understanding of this will simply be a headline here and there. The idea that you might get sued for using Linux will be all they remember. If the courts determine there is some basis to this, it will get even worse. Those things take a long time for the general population to forget.
"which involves fatally altering data in a database"
I've seen lots of code that could do this. Unfortunately, it was part of an eCommerce application. This made it difficult to get access to the requested data.:-)
The interesting thing is that if companies followed the requirements of the insurance company to get the hacker insurance, their security would improve tremendously. Many companies don't even perform the simple tasks the insurance companies will require. That alone would help tremendously.
Ironically, if more companies would conduct assessments, patch vulnerable systems, setup security policies, etc. the demand for this type of insurance might actually diminish. Little chance of that.:-)
So much of the decision as to what constitutes "relentlessly attacking your network" comes down to timing.
I see probes and scans hit my network 24x7. Most of the time, I just shake my head at the futility. I figure this is similar to spam, try enough times and you'll find someone who'll buy or in this case does not have proper security.
A week or so ago, I had an important task I was trying to do while I was being scanned hard. I had just a couple of minutes to finish the task before leaving and the scan was eating up bandwidth to the extent that it was eating up part of my two minutes. This had an impact on my ability to perform my task. Does that mean I was "relentlessly attacked"? Even though most of the time I would only find it annoying and not give it much attention?
I hope not. I'm not sure I'm the best person to make those decisions, and I certainly don't trust the rest of you.:-)
I work for a computer consulting company which deals with mainly Fortune 500 companies. Java is the most requested language with VB/ASP coming in next..NET is starting to grow and we anticipate it will continue next year. It seems to be that companies are moving from VB to.NET, not that Java developers are moving to.NET.
Slashdot Mirror
I was at a meeting yesterday with 60 or so Security and IT leaders from around our city. One of the items being discussed was the use of OSS. The general consensus of the non-techie leaders was that they would steer away from OSS when things like SCO were going on. The more technical leaders were trying to explain some of the issues, but that largely fell on deaf ears.
This entire issue has nothing to do with the code. It doesn't matter when SCO release the "offending" code or if the code is really an IP infraction or not. Most people's understanding of this will simply be a headline here and there. The idea that you might get sued for using Linux will be all they remember. If the courts determine there is some basis to this, it will get even worse. Those things take a long time for the general population to forget.
"which involves fatally altering data in a database"
I've seen lots of code that could do this. Unfortunately, it was part of an eCommerce application. This made it difficult to get access to the requested data. :-)
What if I became Pope?
...
Yes, they're all based on pure fantasy!
Have you been fantasizing about becoming Pope?
Hmmmmmmm.
The interesting thing is that if companies followed the requirements of the insurance company to get the hacker insurance, their security would improve tremendously. Many companies don't even perform the simple tasks the insurance companies will require. That alone would help tremendously.
:-)
Ironically, if more companies would conduct assessments, patch vulnerable systems, setup security policies, etc. the demand for this type of insurance might actually diminish. Little chance of that.
He just followed the 13 year old's example. He lauched a penguin with a camera - not exactly a small animal but . . .
So much of the decision as to what constitutes "relentlessly attacking your network" comes down to timing. I see probes and scans hit my network 24x7. Most of the time, I just shake my head at the futility. I figure this is similar to spam, try enough times and you'll find someone who'll buy or in this case does not have proper security. A week or so ago, I had an important task I was trying to do while I was being scanned hard. I had just a couple of minutes to finish the task before leaving and the scan was eating up bandwidth to the extent that it was eating up part of my two minutes. This had an impact on my ability to perform my task. Does that mean I was "relentlessly attacked"? Even though most of the time I would only find it annoying and not give it much attention? I hope not. I'm not sure I'm the best person to make those decisions, and I certainly don't trust the rest of you. :-)
I work for a computer consulting company which deals with mainly Fortune 500 companies. Java is the most requested language with VB/ASP coming in next. .NET is starting to grow and we anticipate it will continue next year. It seems to be that companies are moving from VB to .NET, not that Java developers are moving to .NET.