Cool security quotes

TODO: Add a link somewhere to this page

| From | Quote | Source |
| --- | --- | --- |
| @Viss | "How do you get non-technical business folks to care about security? You turn off the thing that prints the money" | source |
| @Viss | "100% of the time someone says "This is un-hackable", it's bullshit" | source |
| @Viss | [Security is] "Like being hired to walk across a minefield carefully, to tell the people at the end that there are mines." | source |
| @Viss | "You have to tell customers horrible news in a way that makes them not want to immediately stab you in the throat." | source |
| @Viss | "On our larger engagements, we tell people: We will be China at you." | source |
| @Viss | "I got caught, because they had honeypots in production. The honeypots should never ever get traffic. Suddenly the honeypot's getting Nmapped." | source |
| @Viss | "Paperwork says: You have to get a pentest [...] you don't have to do anything else [...] Compliance isn't security" | source |
| @Viss | "If you tell someone what the bare minimum is, they will do the bare minimum." | source |
| Edward Snowden | "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say," | |
| @troyhunt | "The shift in judgement from people has gone from "We're gonna be angry at these guys because they had a data-breach" to "We're not gonna be angry because they had a data breach, but we're gonna be angry if they don't handle it well"" | source |
| Rick Redman | "I recommend writing your password on your monitor with a sharpie. It's safer than using a lame password, because I have to break into your building and steal your monitor and I gotta know who it's for." | source |
| Katie Moussouris | Katie Moussouris to Microsoft (her employer): "So you're gonna tell me, that you're gonna give me a corporate AmEx so I can go around the world to see all of my friends at hacker conferences and buy them drinks?" - Microsoft: "Yes precisely, that is what we would like you to do" | source 11:29 |
| Katie Moussouris | On developers writing insecure code: "Even if they don't know what they're doing wrong, calling them idiots and calling their babies ugly was probably not going to work very well" | source 14:42 |
| Katie Moussouris | On responsible disclosures: "Somebody is not calling their baby ugly, they're just saying their baby has some interesting features." | source 15:37 |
| Security Journey | "Your data has been breached, but it wasn't really our software, it was the stuff we copy and pasted in." | |
| Tim Cook | "Any backdoor is a backdoor for everyone" | source |