What Should We Do About Security Ethics? 244
An anonymous reader writes "I am a senior security xxx in a Fortune 300 company and I am very frustrated at what I see. I see our customers turn a blind eye to blatant security issues, in the name of the application or business requirements. I see our own senior officers reduce the risk ratings of internal findings, and even strong-arm 3rd party auditors/testers to reduce their risk ratings on the threat of losing our business. It's truly sad that the fear of losing our jobs and the necessity of supporting our families comes first before the security of highly confidential information. All so executives can look good and make their bonuses? How should people start blowing the whistle on companies like this?"
What Should We Do About Security Ethics? (Score:5, Funny)
Re:Ethics? Where? On Slashdot? (Score:1, Funny)
Re:Gee, I dunno (Score:3, Funny)
Of course, you'll lose your job over it. So decide now. Do you want to sleep at night? Or do you want to feed your family?
Re:Ethics? Where? On Slashdot? (Score:3, Funny)
Re:Ethics? Where? On Slashdot? (Score:1, Funny)
Re:Not much (Score:3, Funny)
Last month Jim turned in his two weeks' notice.
By the way, we've got an entry level opening some of you might be interested in, just need a PhD, 10 years experience in C#, salary starts at $45k. Oh, and you have to be named Jim. Just send your resumes to jack@example.com...
Re:Three Words: (Score:3, Funny)
Google
Bank of New York
SAIC
Amazon.com
But my bet is on Toys "R" Us
Re:Three Words: (Score:3, Funny)
"I don't wanna patch up, I'm a Toy's R Us admin, there's a million exploits at Toys' R Us that I can pwn with!"
Re:make a false save (Score:3, Funny)
Of course, if that was an xxx double-penetration everyone would take notice immediately...
Free security ethics tutorials. (Score:2, Funny)