Dear Madlibs,

You poor simple thing...You seem unable to understand some of the problems that people have with Adrian Lamo. People distrust him because his actions are motivated by the amount of media coverage he can garner. This should make anybody's actions suspect. Also, not everybody wants media attention. I know it's hard to believe, but really, some people prefer to be left alone.

Another problems is that the security advice that any script kiddie can offer is likely to only provide the illusion of security. If a company the size of NBC wants to secure their networks thouroughly they have more work to do than any one person could provide in a short period of time. First, you have to account for everything that is on the network(probably quite a bit), then begin deciding what should be accessible to whom, create policies regulating proper usage, setup firewalls and intrusion detection, secure individual systems, implement restrictions to prevent people from installing software that could compromise the security of the network(irc, ftp and web servers), and then some. It's a project that would normally span several months and involve a lot of people. The information that Lamo provides to the companies he breaks into may or may not be useful but it certainly won't make their networks bulletproof.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/595/16441#16441