The Aerie
I am under an incredible amount of pressure at work, so much so that I almost had to cancel our vacation to the Black Hills this weekend. Almost.
So of course when I'm under all of this pressure, I focus like a laser on the tasks at hand, I dedicate my self to the unrelenting pursuit of quality, I invest all my...
...Okay, I get distracted and create de-motivational posters.
Here's the latest.
The poster is emblematic of what I deal with in the information security field. This morning a pen-tester was showing our group that he'd discovered a hole in a newly developed, not yet released application so large that it allowed him to intercept all communications between a customer and the server. He could step into the middle of the communication and take over completely: if a product was sold on the server for $10, he could change the price to $12. The customer wouldn't know the price wasn't $12, that what he'd see and he'd pay it - the server wouldn't know the customer had paid $12, because the pentester could take out the $2 for himself, and send the $10 along to the server.
Everyone would be happy - the customer would get the product, the server would make the sale, and the pentester would walk away $2 richer.
Meanwhile the majority of effort in the organization is to squelch the findings, remove the ability of the pentesters to examine the application, and assign blame to other parties.
Hence the poster. I took me fifteen minutes to find the image and create the poster. Time well spent, I say!
Posted by Albatross at July 16, 2008 10:56 AM | TrackBack