What is a reasonable expectation of security? I guess it would depend on what was being secured and what kind of resources had been allocated to secure it. If you want to secure your data you have to look at the risk and plan appropriately. If you want to ensure that files on your personal home computer are safe from prying eyes would you buy a new PC with Norton (or McAfee) security suite and let it go at that. Maybe the average consumer would, but I sure hope that a Jury would not accept that.
Apparently Michael Alan Crooker thinks that being told by a store salesman that his new PC was impenetrable provides a very high expectation level. You can read the whole story here. I know that his level of expectation was derived from more than that, but I think that if the ATF has to send the drive to the FBI's Cryptologic and Electronic Analysis unit in order to get the info off the drive then that exceeds the reasonable level of expectation for a user class PC. If he really wanted that high a level of security he should not have bought a PC running the brand new Microsoft OS.
This is another case of someone not taking responsibility for their own actions. It also looks like he figures to gain financially from his own irresponsibility.
Security's Everyman
Friday, March 02, 2007
Reasonable Expectations
Posted by Andy, ITGuy at 3:56 PM
Labels: Andy ITGuy, information security
Reasonable Expectations
2007-03-02T15:56:00-05:00
Andy, ITGuy
Andy ITGuy|information security|
Subscribe to:
Post Comments (Atom)