再保险:当前的标准/标准“未定义行为”

在星期五,2017年5月12日,Landfield,肯特写道::你能让我们知道你为什么不?t参与电话吗?是时间我这样做,你能给我打电话,因为他们的总结开始,到%的董事会成员参加吗?出席的平均或中是什么?如果你不能,你应该停止考虑如果这些调用是一个以某种方式横切篡夺控制的工具。毕竟,他们随机取代控制在很多其他重要/ industry-shocking变化,没有我们的审查。提醒我为什么我们相信此时横切吗?不再考虑“你的管理”,并开始考虑“APTderp”。我认为这可能是一个更好的类比和更谨慎。:问题?如果是这样我们可以尝试找到一个更好的适应时间:更多的董事会成员。 I agree and have stated in the past that real Given the current Board, and I am fairly sure we went through this for weeks... trying to find a time that works for EVERYONE is a lost cause. The current time was selected based on the "best we could do", no? I think we have some mails archived on this. : decisions need to be made on the Board list(s). The Board calls : however, do give us a higher bandwidth opportunity to go more in-depth : on specific issues. We need all to be there if possible and have had They do. But until we have a true transcript of those calls, and the calls are treated as a "single email" in the context of the Board, it simply isn't fair. Decisions are effectively made on these calls without the consent of the board. : Can you enlighten us as to why you do not attend? Sure! You can guess which is more important to me: 1. I am typically not available Thursday at ~ 1PM or whenver they were. I deleted my Calender event because I was basically never available (best case, I was driving up I-70 through dead zones and the tunnels, which i spent a year working with a local T-Mobile managing engineer to resolve). I can also guarantee you, that the Europeans will never make that time unless they stay up VERY late, after a 14 hour day working, often fighting to understand horrible CVE assignments. 2. We get a rough summary of the call, but not real detail. We get "minutes", great. That doesn't tell me "Kent was really worked up, and thought that $newidea was complete crap". It doesn't tell me that "$whoever objected quite a bit", or what was said to resolve it and ultimately make some "informed" decision. 3. I have long had a serious disdain for InfoSec people who insisted on phone calls, after a few emails. In my personal experience, after too many years, they did it because they specifically did NOT want a record. Usually because they were trying to explain why they weren't a charlatan / fraud, and why you could clearly trust them as a human. [Disclaimer: remember, I was the primary person behind Attrition Errata.] 4. Based on the above, security is about integrity. We're auditors. We like logs... records... a transcript of what transpired. Until I have that, and understand where a conclusion came from? I don't consider myself informed. Don't in turn expect me to make an informed vote on anything. .b