On Tue, 30 May 2000, Graham Wheeler wrote:
<snip>
> SSL can be restricted to particular e-commerce sites.
<snip>
Sounds like a rather interesting approach.. protect users by not letting
them use secure transports, rather send their junk in plaintext. Hmm.. ;-)
Seriously though, I miss one thing in this discussion about how to block
active content/whether it's false or real security/etc, and that's why
block it in the first place? Sure, there's a gazillion nasty things you
can do with Active Content(TM) (Without going into further detail re what
hides behind that somewhat fuzzy definition, of course :-), but on the
other end of the scale, there's advantages, even for security nuts.
Have a look at http://pajhome.org.uk/crypt/md5/index.html
Dont forget that it takes just one successful hit by something that can
open sockets to make a nice little tunnel into your LAN, no matter how
many proxies or whatnot you got. Looking out for oddball stuff hitting the
network often beats trusting that expensive software that says '100%
secure' on the packaging, imo.
> --
> Dr Graham Wheeler E-mail: [EMAIL PROTECTED]
Kriss Andsten
No Ph Dr Yt
VOGON AB
Norrtullsgatan 17, S-113 27 STOCKHOLM, Sweden
phone: +46-8-736 09 85 fax: +46-8-736 09 35
email: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
