Security Basics mailing list archives
Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security."
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Tue, 23 May 2006 09:25:59 -0700
See http://www.winternals.com/Products/ProtectionManager/ for a product that will provide deny by default and whitelists. It is an excellent product designed by Dr. Mark Russinovich and Dr. Bryce Cogswell of Carnegie Mellon University. On 20 May 2006 22:28:12 -0000, ru_trustified () yahoo com <ru_trustified () yahoo com> wrote:
The whole debate following this article is of course based on status quo technology. Would anyone care to imagine how the theat model and the end results are modified if a truely positive security model (deny by default+ white list of privileged access) could be incorporated?
-- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 -----------
Current thread:
- Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." generaldisarray04 (May 20)
- <Possible follow-ups>
- Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." ru_trustified (May 23)
- Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." Saqib Ali (May 23)