"Security" people often let perfect be the enemy of good. Sometimes it's okay. Sometimes not.



-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com


From: "Karl Auer" <kauer@biplane.com.au>
To: "NANOG List" <nanog@nanog.org>
Sent: Monday, December 13, 2021 6:54:30 AM
Subject: Re: Log4j mitigation

On Mon, 2021-12-13 at 06:35 -0600, Joe Greco wrote:
> Just because there are other sources of fatalities, doesn't mean you
> can't check for the quick obvious stuff.

Indeed.

One check, even an inadequate one, is better than no checks at all. And
over time you can add more checks or improve the ones you have.

Don't let "perfect" be the enemy of "good".

Regards, K.


--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer@biplane.com.au)
http://www.biplane.com.au/kauer

GPG fingerprint: 61A0 99A9 8823 3A75 871E 5D90 BADB B237 260C 9C58
Old fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170