[nmfisher]

I was quite annoyed - disappointed too - during security induction (Australian NSA). They explicitly said we should challenge anyone not wearing a badge, but then joked that we should learn the department heads first so we don’t accidentally confront the “wrong” person.

Exactly the wrong message to send, particularly for an agency that’s supposedly an expert on security.

[usrusr]

A good example of the challenges of real-life hardening. Anecdotes like this are a valuable addition to any discussion of security I think. I perfectly understand what's wrong about the attitude transferred in the joke, yet I can easily see myself being the person sending that wrong message. Very educational!