Security Basics mailing list archives

Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security."

From: "Saqib Ali" <docbook.xml () gmail com>
Date: Tue, 23 May 2006 09:25:59 -0700

See http://www.winternals.com/Products/ProtectionManager/ for a
product that will provide deny by default and whitelists. It is an
excellent product designed by Dr. Mark Russinovich and Dr. Bryce
Cogswell of Carnegie Mellon University.

On 20 May 2006 22:28:12 -0000, ru_trustified () yahoo com
<ru_trustified () yahoo com> wrote:

The whole debate following this article is of course based on status quo technology. Would anyone care to imagine how 
the theat model and the end results are modified if a truely positive security model  (deny by default+ white list of 
privileged access) could be incorporated?



--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

Current thread:

Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." generaldisarray04 (May 20)
- <Possible follow-ups>
- Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." ru_trustified (May 23)
  - Re: Re: Re: Article: "Security Absurdity: The Complete, Unquestionable, And TotalFailure of Information Security." Saqib Ali (May 23)