Comments on: A Dose of Schneier Magic http://spiresecurity.com/?p=195 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Pete http://spiresecurity.com/?p=195&cpage=1#comment-273 Pete Fri, 08 Feb 2008 14:59:35 +0000 http://spiresecurity.com/blog/?p=195#comment-273 @Beau – That certainly is a better explanation for why he might have said what he said, but I still don’t think it holds much water.

It doesn’t help the 7 billion other people on the planet to have US Govt systems patched. Plus, it sounds to me like a bit of mental accounting to take into account the impact on one set of systems (US Govt) and not all systems where there might be sensitive data of yours.

It’s a good point, though, and I’ll think about it some more. Thanks for the feedback.

]]> By: Beau http://spiresecurity.com/?p=195&cpage=1#comment-272 Beau Fri, 08 Feb 2008 14:22:23 +0000 http://spiresecurity.com/blog/?p=195#comment-272 Specifically, he’s talking about the DHS paying to have open source code reviewed. And if this is code that the US Government is using, it’s hard to see how it can NOT help everyone. Don’t think of this as “every site is automatically patched,” think of it more as “getting rid of bugs in US Government systems improves the security for all data stored by those systems.” By this way of thinking, I think he’s dead on.

]]>