I have been thinking about how to write this post for a while now. I have several approaches to choose from, but then I hit on the key concept. It doesn’t matter. Here is the general pattern of James’ approach to this topic.
- James will criticize ECM security as a whole and then point to one or more issues.
- I then attempt to explain why those key “issues” aren’t issues.
- James will then elaborate or comment on my post in one or more follow-ups, usually explaining something that I didn’t put in my post for one or more reasons. In the case in point, I didn’t take it deep enough. While doing this, he ignores any defenses I may have made of the “issues”. He invariably bringing up other “issues” as well.
Rather than continue the cycle, and eat my time up, I’m going to post one more time on this topic and move on for now. Some disclaimers of my own: