Educause Security Discussion mailing list archives
Re: Spaf did not receive your email (was Re: [SECURITY ] Job Descriptions)
From: Gerald N Flynn <flynngn () JMU EDU>
Date: Fri, 28 Feb 2003 10:33:07 -0500
Gene Spafford wrote:
At 5:51 -0500 2/27/03, Howell, Paul wrote:In short, the different sides of this issue seems like an example of old-school vs. new-school risk calculations.Hmm, the "old school" brought us Multics, capability architectures, security kernels, trusted design principles, and reference monitors.
And no users.
The "new school" brought us 1000+ patches per year, the slammer worm, hundreds of new virus submissions a month, ActiveX, WEP, and DDOS attacks.
And 80 million (admittedly at risk) users.
Looks like the "new school " of risk calculations works with much bigger numbers! (I couldn't resist. :-)
Neither could I. :) Not that I disagree with your sentiment but can you imagine a mandatory access control OS as a home computer? :) -- Gary Flynn Security Engineer - Technical Services James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Re: Spaf did not receive your email (was Re: [SECURITY ] Job Descriptions) Gene Spafford (Feb 28)
- <Possible follow-ups>
- Re: Spaf did not receive your email (was Re: [SECURITY ] Job Descriptions) Gerald N Flynn (Feb 28)
- Re: Spaf did not receive your email (was Re: [SECURITY ] Job Descriptions) Gerald N Flynn (Feb 28)