Firewall Wizards mailing list archives
RE: Application-level Attacks
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 18 Feb 2005 22:03:53 -0500 (EST)
[SNIP]
The reason I jumped on your post is because I strongly believe that in order for computer security to grow up and stop being an intellectual backwater - we need to apply a little science and attempt to accurately quantify what we are doing. That means no more analysts practicing proctological numerology, no more self-selected samples used in polls, no more proof by vigorous hand-waving.
The industry perhaps in worse shape then that, when marketing has taken over it from the ground up so completely that if one actually did take security serious and locked down their browsers, perhaps the most exploited attack vector of the current decade, to the point they are advised to, they'd not beable to cruise a single security site. Kinda like how a parent might say do as I say, not as I do... Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com ...Love is the ultimate outlaw. It just won't adhere to rules. The most any of us can do is sign on as it's accomplice. Instead of vowing to honor and obey, maybe we should swear to aid and abet. That would mean that security is out of the question. The words "make" and "stay" become inappropriate. My love for you has no strings attached. I love you for free... -Tom Robins <Still Life With Woodpecker> _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Application-level Attacks Joseph S D Yao (Feb 01)
- <Possible follow-ups>
- Re: Application-level Attacks George Capehart (Feb 01)
- Re[2]: Application-level Attacks gmx (Feb 11)
- Re: Re[2]: Application-level Attacks Brenno Hiemstra (Feb 12)
- Re: Application-level Attacks Devdas Bhagat (Feb 12)
- RE: Application-level Attacks Ofer Shezaf (Feb 14)
- RE: Application-level Attacks Marcus J. Ranum (Feb 14)
- RE: Application-level Attacks Frank Knobbe (Feb 14)
- RE: Application-level Attacks Ofer Shezaf (Feb 14)
- RE: Application-level Attacks Marcus J. Ranum (Feb 14)
- RE: Application-level Attacks R. DuFresne (Feb 19)
- Re: Application-level Attacks Anthony de Boer (Feb 22)
- RE: Application-level Attacks Marcus J. Ranum (Feb 14)
- RE: Application-level Attacks Ofer Shezaf (Feb 19)
- RE: Application-level Attacks Marcus J. Ranum (Feb 22)