[7848] in cryptography@c2.net mail archive
Re: Qualcomm CEO Loses Laptop
daemon@ATHENA.MIT.EDU (Dan Geer)
Tue Sep 19 17:41:55 2000
Message-Id: <200009192109.RAA17058@world.std.com>
To: cryptography@c2.net
In-reply-to: Your message of "Tue, 19 Sep 2000 11:06:09 EDT."
<39C780E1.BDFA3242@spinnakernet.com>
Date: Tue, 19 Sep 2000 17:09:07 -0400
From: Dan Geer <geer@world.std.com>
> from http://www.wired.com/news/business/0,1367,38855,00.html
I work at a security consulting firm and, in fact, have
corporate IT in my portfolio. Our model for what constitutes
a plausible posture is, FWIW, simple:
1. anyone can lose a laptop and, besides coming home with their
tail between their legs, nothing bad happens
2. any of our consultants can work from any location, however
hostile (no, we don't work at national labs...)
3. while we protect our corporate net from vandals, someone
plugging into it will gain nothing of value
I'm not here to argue if the above is perfect, but it is what
we do, it is easy to explain, and it seems appropriate to the
times.
--dan
