Firewall Wizards mailing list archives
RE: Transitive Trust: 40 million credit cards hack'd
From: David Lang <david.lang () digitalinsight com>
Date: Sun, 19 Jun 2005 14:34:31 -0700 (PDT)
On Sun, 19 Jun 2005, Marcus J. Ranum wrote:
If you worry about this enough, you'll realize that eventually there are 2 ways to address it: - build multilevel secure computing systems (don't go there!) - say "f*** it" Most of the industry has chosen the second option, but didn't even bother to think about it. :)
actually, there are two additional options.1. don't allow the remote user excessive access to the local system (limit the damage they can do, not the best but still far better then your option #2)
2. require authentication that isn't fully contained on the remote system (i.e. a token or one-time password, a digital certificate with a passphrase is NOT good enough)
David Lang -- There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. -- C.A.R. Hoare _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Host based vs network firewall in datacenter Zurek, Patrick (Jun 10)
- Re: Host based vs network firewall in datacenter Devdas Bhagat (Jun 13)
- Re: Host based vs network firewall in datacenter Alin-Adrian Anton (Jun 17)
- Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 18)
- Re: Transitive Trust: 40 million credit cards hack'd Vin McLellan (Jun 18)
- Re: Transitive Trust: 40 million credit cards hack'd George Capehart (Jun 18)
- RE: Transitive Trust: 40 million credit cards hack'd Bill Royds (Jun 18)
- RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 18)
- RE: Transitive Trust: 40 million credit cards hack'd Brian Loe (Jun 19)
- RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 19)
- RE: Transitive Trust: 40 million credit cards hack'd David Lang (Jun 19)
- RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 19)
- Re: Transitive Trust: 40 million credit cards hack'd Darren Reed (Jun 20)
- Re: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 20)
- Re: Host based vs network firewall in datacenter Alin-Adrian Anton (Jun 17)
- Re: Host based vs network firewall in datacenter Devdas Bhagat (Jun 13)
- RE: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 19)
- Re: Transitive Trust: 40 million credit cards hack'd ArkanoiD (Jun 29)
- Re: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 30)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- Re: Host based vs network firewall in datacenter sin (Jun 30)