Q: What do ISPs really think about security issues?

Sean Donelan sean at donelan.com
Fri Jan 11 04:32:42 UTC 2008


On Fri, 11 Jan 2008, Suresh Ramasubramanian wrote:
> disclaimer: Names replaced by X, Y and Z solely to render this little
> story fit for public consumption .. it took place at a nominally
> closed meeting.  It wont take you too long to arrive at reasonably
> plausible guesses for X, Y and Z, so I will leave you to the guessing.
> No points for the right answer, no comment either .. what I'm pointing
> out is general enough that it could be any X, Y and Z companies,

Yep, and X, Y and Z could be companies in any industry.  I've been at 
conferences where the A/V presentor didn't know the other part of the same 
A/V company.  And conferences where the ASP presentor wasn't aware what
the other part of the same ASP was doing about the same problem.  And so 
on.

Likewise, banks don't seem to be as concerned about identity theft as
the victimes of identity theft who call their customer service reps; 
anti-virus vendors doesn't seem to be as concerned about malware as the 
victims of malware who call their customer service reps; mail service 
providers don't seem to be as concerned about unsolicited messages as the 
victims of scams contacting their customer service reps; law enforcement 
agents doesn't seem to be as concerned about crimes as the victims who 
contact their emergency numbers.

Q: What do anti-virus companies really think about security issues?

Q: What do banks really think about security issues?

Q: What do law enforcement agencies really think about security issues?

That's why I suggested to Rob and other folks the importance of listening 
to what they tell you how to work their particular processes.  Every large
organization has them, although often the real processes are unwritten. 
Once you understand how the organization works, its much easier to figure
out how to make it work for you.

Shouting at the mountain won't move the mountain out of the way, and will 
just leave you frustrated.  But ask a native nicely for help, and you 
might learn about the trails and passes over the mountain.







More information about the NANOG mailing list