On 10/10/18, Mike Hale <eyeronic.des...@gmail.com> wrote:
> To be fair, the idea that your security costs shouldn't outweigh
> potential harm really shouldn't be controversial. You don't spend a
> billion dollars to protect a million dollars worth of product.

The problem with that idea is that it's almost always implemented as
your security costs shouldn't outweigh _your_ potential harm

Regards,
Lee

> On Wed, Oct 10, 2018 at 10:54 AM Naslund, Steve <snasl...@medline.com>
> wrote:
>>
>> Mr Herrin, you are asking us to believe one or all of the following :
>>
>> 1. You believe that it is good security policy to NOT have a default DENY
>> ALL policy in place on firewalls for DoD and Intelligence systems handling
>> sensitive data.
>>
>> 2. You managed to convince DoD personnel of that fact and actually got
>> them to approve an Authorization to Operate such a system based on cost
>> savings.
>>
>> 3. You are just trolling to start a discussion.
>>
>> The reason I asked what system it is would be to question the authorities
>> at DoD on who and why this was approved. If you don't want to disclose
>> that then you are either trolling or don't want anyone to look into it.
>> It won't be hard to determine if you actually had any government contracts
>> since that is public data. There are very few systems whose EXISTENCE is
>> actually classified, but you were the one that cited it as an example
>> supporting your policy. If you cannot name the system then it doesn't
>> support your argument very well does it. Completely unverifiable.
>>
>> In any case I believe the smart people here on NANOG can accept or reject
>> your security advice based on the factors above. I'm done talking about
>> this one.
>>
>> Steven Naslund
>>
>>
>> >> Want to tell us what system this is?
>>
>> >Yes, I want to give you explicit information about a government system
>> >in this public forum and you should encourage me to do so. I thought
>> >you said you had some skill in the security field?
>> >
>> >Regards,
>> >Bill Herrin