On Tue, Apr 08, 2014 at 11:46:49AM +0100, ianG wrote: > While everyone's madly rushing around to fix their bits&bobs, I'd > encouraged you all to be alert to any evidence of *damages* either > anecdotally or more firm. By damages, I mean (a) rework needed to > secure, and (b) actual breach into sites and theft of secrets, etc, > leading to (c) theft of property/money/value etc. > [[...]] > > E.g., if we cannot show any damages from this breach, it isn't worth > spending a penny on it to fix!
This analysis appears to say that it's not worth spending money to fix a hole (bug) unless either money has already been spent or damages have *already* occured. This ignores possible or probable (or even certain!) *future* damages if no rework has yet happened. This seems like a flawed risk analysis to me. In particular, this analysis could be used to argue against spending any money trying to reduce risk or damages from rare events which haven't happened yet. For example, as of January 1, 2011 (= 69 days before the Fukushima Daiichi disaster), this analysis would have said that since no nuclear reactor in the world has ever been damaged by a tsunami (a true statement on that date), it isn't worth spending any money trying to secure nuclear reactors against tsunami damage. -- -- "Jonathan Thornburg [remove -animal to reply]" <[email protected]> Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA "There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time." -- George Orwell, "1984" _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
