Re: AppleScript & HTML Again...
Re: AppleScript & HTML Again...
- Subject: Re: AppleScript & HTML Again...
- From: "John C. Welch" <email@hidden>
- Date: Tue, 30 Mar 2004 18:12:00 -0600
On 3/30/04 4:09 PM, "Michael Terry" <email@hidden> wrote:
>
As a bonus, network administrators, and anyone else who wants to be
>
extra secure, can lock down the system by changing the--what did Walter
>
want us to call it?--URL scheme. This is exactly what I'd expect a
>
network administrator to do. Naturally, I won't because the risk of the
>
default setup has been blown out of proportion. It's hard for people to
>
keep perspective, I understand. Anything that has inspired such a long,
>
contentious thread must carry with it some risk to be concerned about,
>
right?
I think it's a pov clash. I simply cannot afford to take security lightly.
You evidently can. I've been at places that did. I worked at a weather
science company. We tried for *years* to get a firewall in place.
"Oh no" the users said, "We need to be open, and free, a firewall would
restrict that". So the CEO did agree and the firewall was not installed.
Then we tried to lock down access to machines. "Oh no" the users said, "That
would be inconvenient, and render our systems useless. Besides, we're such a
a small company. We've only 50 employees. Who would want to hack us? The IS
department is blowing it all out of proportion!". So the CEO did agree, and
nothing was done that would in any way inconvenience anyone.
Then one day we get a missive from a company we worked with. Our CEO -
mandated security policy had been breached by a hacker who cared about our
small, almost non-existant company, because we did have terabytes of
storage, and a biiiiig fat internet connection.
And who, might you ask, spend the next two weeks working over 100 hours each
week to institute real security, rebuild all the compromised machines,
install the firewall and configure the new system so this couldn't happen
again?
Was it the CEO who made the stupid decision? Noooooo
Was it the users who badgered the CEO to make this bad decision? Noooooo
Was it the three - man IS department who had tried to prevent this problem
in the first place and had been told they were idiots for raising this
concern because who would care about an oh-so-small company? Yeesssssss
Oh, and the IS department did receive many stern emails calling them names
for "letting this happen".
So once bitten, twice shy, and all that.
john
--
You might not be able to remember it, but if you wake up the next day with a
bloody nose, no money, barf all over your jeans and a finger or two smelling
like poontang then you had a good night.
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.