Linked by David Adams on Tue 28th Jun 2011 15:35 UTC, submitted by HAL2001
Privacy, Security, Encryption In an unexpected move for a security company, SecurEnvoy today said that cyber break-ins and advanced malware incidents, such as the recent DDoS attack by LulzSec, should actually be welcomed and their initiators applauded. The company's CTO Andy Kemshall said: "I firmly believe that the media attention LulzSec’s DDoS attack has recently received is deserving. It’s thanks to these guys, who’re exposing the blase attitudes of government and businesses without any personal financial gain, that will make a difference in the long term to the security being put in place to protect our own personal data!"
Permalink for comment 479078
To read all comments associated with this story, please click here.
RE[5]: Comment by MORB
by Soulbender on Wed 29th Jun 2011 14:58 UTC in reply to "RE[4]: Comment by MORB"
Soulbender
Member since:
2005-08-18

Availability != security.
The fact that a site wasn't designed to withstand a DDoS does not mean it suffers from a security problem and neither is inefficient code a security problem.
It's usually not feasible to start out with a site and infrastructure designed to handle the volume of YouTube or Facebook or a DDoS.
Deploy now, get customers and worry about scalability when the need arises. Even a DDoS once or twice is not a cause for concern unless it has a major impact on your bottom line and/or is caused by a security problem.
Some wise guy said something about premature optimization a long time ago and it's still true.

Reply Parent Score: 2