Personally, I feel it's a VERY valid point. If the only way to fix
something, for example, is by training and education, it's entirely
possible the time (and resources) necessary to do such a thing isn't
there.
[EMAIL PROTECTED] said:
> If you do not have time, and the audience does not care
> eno
On Thu, 2 Sep 2004 12:53:20 -0700 (PDT), Security List
<[EMAIL PROTECTED]> wrote:
> Mr. Tucker wrote:
>
> >Maybe, but you have to educate people somehow, and
> you don't have time
> >to explain everything.
>
> This is an excuse and the weak point. If you do not
> have time, and the audience does
Mr. Tucker wrote:
>Maybe, but you have to educate people somehow, and
you don't have time
>to explain everything.
This is an excuse and the weak point. If you do not
have time, and the audience does not care enough to
spend the time, then the battle is already lost.
On Thu, 02 Sep 2004 10:02:12 -0400, Barry Fitzgerald
<[EMAIL PROTECTED]> wrote:
> I... tend to agree. It's a difficult question because analogies are
> useful if the person reading the paper has no point to base their
> opinion off of. However, I see two problems with this:
>
> 1) Perhaps a pape
On Wed, 01 Sep 2004 15:03:03 EDT, "Clairmont, Jan M" said:
> The Clairmont-Everhardt Index of potential Security vulnerability being equal
> to the (Number of Computers)! * (Number of People using the systems)! * (Number of
> Ports)!
> * (the Lines of Code)! * (The number of Applications)! * (Nu
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 02, 2004 10:39 AM
To: Clairmont, Jan M
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Response to comments on Security and
Obscurity
On Wed, 01 Sep 2004 15:03:03 EDT, "Clairmont, Jan M" said:
> The Clairmont
yaakov yehudi wrote:
A firewall is more akin to a specialized filter medium, but filter mediums aren't used as the entrance or exit to a military base.
It is probably possible to find analogies between the information security world and
physical - but only on a piecemeal basis, and that is simp
On Wed, 01 Sep 2004 17:06:45 -0400, Barry Fitzgerald
<[EMAIL PROTECTED]> wrote:
> You're right with this scenario, of course, but I don't think that they
> meant that there was no room for physical protection in information
> security.
My point was intended to make people realise that where your s
A firewall is more akin to a specialized filter medium, but filter mediums aren't used
as the entrance or exit to a military base.
It is probably possible to find analogies between the information security world and
physical - but only on a piecemeal basis, and that is simply irrelevant and po
James Tucker wrote:
This is not dissimilar from the discussion that, for example:
Walk into the headquarters of a major business firm, you take the
elevator up to the top floor as you don't have a keycard to get you in
a lower level. It's lunchtime and the secretary at reception has left
her desk.
As the Japanese Proverb says, "Only painters and lawyers can change
black to white."
What are your goals with this paper? If you seem to have gotten a mostly
hostile response, than keep in mind that this is a ten year old debate
in this, and other on-line forums, and that despite your previous "
Dr. Swire:
First I have to laud your courage for venturing onto this forum of inconsolate
security derelicts.
If there is one thing to learn about the world after 911: everything is a
potential military target. Infrastructure and the internet is certainly one that
needs to be secured. The questi
Some responses to the first morning worth of comments. A big reason for
posting the paper to Full Disclosure was to make the paper less stupid -- to
learn from the list. I've been working on this topic since I left the White
House in early 2001, where I worked on privacy and computer secu
13 matches
Mail list logo