Firewall Wizards mailing list archives
Re: Extreme Hacking
From: Bennett Todd <bet () newritz mordor net>
Date: Fri, 9 Jul 1999 00:26:58 +0000
1999-07-05-20:26:55 Marcus J. Ranum:
Hacking isn't a technological problem, it's a social problem. As such, it's not going to be "solved" by technological means, but rather by social means.
I dunno, much as I hate to step up and disagree with you of all people, I can't quite sit still for that. I believe "hacking" (in the sense it's being used here, as in burgling) is a symptom of a technological problem. Substantial and sophisticated systems, offering rich and diverse services, _can_ be designed and assembled with no exploitable security problems; a certain amount of conservative caution is needed, and in maintenance you have to keep an eye out for new discoveries, but if more people designed systems with security as a primary requirement, there'd be negligble activity among the computer burglars --- going around twisting doorknobs gets boring if none of 'em ever turn. The cool thing is that making security a driving requirement pushes you towards simpler designs, based on stable and well-designed building blocks, and these in turn tend to be reliable, and often very fast; there are rewards all over for doing things right from the beginning. Admittedly it can be nearly impossible to retrofit security onto a sufficiently-screwed-up, sufficiently-large system --- but such a screwup is where you can routinely demonstrate terrific benefits from a cold redesign and reimplementation. -Bennett
Current thread:
- Re: Extreme Hacking, (continued)
- Re: Extreme Hacking deab (Jul 06)
- Re: Extreme Hacking Paul Woodie (Jul 06)
- Re: Extreme Hacking Craig H. Rowland (Jul 06)
- Re: Extreme Hacking Crispin Cowan (Jul 08)
- Re: Extreme Hacking Craig H. Rowland (Jul 09)
- Vulnerability Escrow (was: Extreme Hacking) Crispin Cowan (Jul 09)
- Re: Extreme Hacking Joseph S D Yao (Jul 12)
- Re: Extreme Hacking Craig H. Rowland (Jul 12)
- Re: Extreme Hacking Vanja Hrustic (Jul 09)
- Re: Extreme Hacking Marcus J. Ranum (Jul 12)
- Re: Extreme Hacking Jody C. Patilla (Jul 07)
- Re: Extreme Hacking Rafi Sadowsky (Jul 09)
- Re: Extreme Hacking Darren Reed (Jul 12)
- Re: Extreme Hacking Darren Reed (Jul 08)