Perry E. Metzger writes: > Unless you can perform an experiment to falsify the self-declared > "objective quantitative security measurement", it isn't science. I can't > think of an experiment to test whether any of the coefficients in the > displayed calculation is "correct". I don't even know what "correct" > means. This is disturbing.
I can recommend a good single-malt scotch or tawny port if you like. Have you tried the Macallan 18? False metrics are rampant in the security industry. We really need to do something about them. I propose that we make fun of them. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com