Security Lesson from A Mouse Story
I was going through some old blog posts, and one I found contained the following story:
A mouse looked through the
crack in the wall to see the farmer and his wife open a package.
“What food might this contain?” The mouse wondered –
he was devastated to discover it was a mousetrap.
Retreating to the farmyard,
the mouse proclaimed the
“There is a mousetrap in the house! There is a mousetrap
in the house!”
The chicken clucked and scratched, raised her head and
said, “Mr. Mouse, I can tell this is a grave concern to you
but it is of no consequence to me.
I cannot be bothered by it.”
The mouse turned to the pig and told him, “There is a
mousetrap in the house! There is a mousetrap in the house!”
The pig sympathized, but said,
“I am so very sorry, Mr. Mouse,
but there is nothing I can do about it but pray.
Be assured you are in my prayers.”
The mouse turned to the cow and said, “There is a
mousetrap in the house!
There is a mousetrap in the house!”
The cow said, “Wow, Mr. Mouse.
I’m sorry for you,
but it’s no skin off my nose.”
So, the mouse returned to the house, head down and dejected,
to face the farmer’s mousetrap– alone.
That very night a sound was heard throughout the house –
like the sound of a mousetrap catching its prey.
The farmer’s wife rushed to see what was caught. In the
darkness, she did not see it was a venomous snake
whose tail the trap had caught.
The snake bit the farmer’s wife.
The farmer rushed her
to the hospital and she returned home with a fever.
Everyone knows you treat a fever with fresh chicken soup,
so the farmer took his hatchet to the farmyard for the soup’s
But his wife’s sickness continued,
so friends and neighbors came
to sit with her around the clock.
To feed them, the farmer butchered the pig.
The farmer’s wife did not get well; she died.
So many people came
for her funeral, the farmer
had the cow slaughtered to provide enough meat for all of them.
The mouse looked upon it all from his crack in the wall with great sadness.
So, the next time you hear someone is facing a problem and think it doesn’t concern you,
when one of us is threatened,
we are all at risk.
I posted that back in 2006 (crap, I am getting old), and I said it had some security points. But the post also said that I was hungry when I was writing it (coincidentally, I am hungry right now also – huh, maybe I’m just always hungry…), so I didn’t break those down. Well fans, let me remedy that situation now. Here’s the lesson:
Your insecurity affects us all. If you know there is a security problem (whether that be by your own discovery or through someone else warning you), and you have the power to either fix it or influence someone who does have the power, then get ‘er done.
I know there are all kinds of caveats to that as far as risk, process, etc. But the raw edge needs to be there. Ignoring a problem does not make it go away. In today’s world of hactivism and hacking for hire, there are just too many attacks coming from too many angles. Test, fix, retest, fix, retest, fix, and so on. Stop screwing around.
This rant brought to you by @m1a1vet