Quote:
Some would argue that some hackers do a useful social service by finding and exploiting holes in software. When they publicized them, it requires makers of the software to address the issue. In the case of ASPD, the hackers were obviously malicious, not just finding vulnerabilities and leaving a benign calling card.[/b]
Would you argue that Bernie Madoff did a service by pointing out the inadequacy of the financial regulators?
Quote:
...
However, and I'm relying on what has been reported and not on personal knowledge, by running wildly outdated and vulnerable software, ASPD was asking for it. That certainly doesn't excuse the criminals who perpetrated the hack, but much of the blame, at least in my mind, lies at the feet of ASPD. It's like living in a high crime area and leaving your door unlocked, open, and advertising that you're gone and have expensive stereo equipment and lots of new flat screen TVs with no security lights around your house (after you've had a previous burglary). If my law firm treated our computer security like ASPD treated theirs, I'd be out of business. And I have far less valuable proprietary information that ASPD does and don't directly derive any of my income from computer data. I doubt my firm is hack proof, but we have daily updates of software, hardware and software firewalls, daily backup of data, VPN only outside access, etc.[/b]