funsec mailing list archives

Re: ? - I don't know where to send this one, so I'm sending it here...


From: Drsolly <drsollyp () drsolly com>
Date: Thu, 3 Nov 2005 12:19:33 +0000 (GMT)

On Thu, 3 Nov 2005, Nick FitzGerald wrote:

Drsolly wrote:

   Why are our "protection" systems based on the obviously absurd
   notion that it is somehow more useful/efficient/whatever to detect
   more known bad stuff (which is a form of default allow) than simply
   to detect and allow only the known good stuff (default deny)?
 
Who will you determine which stuff is good, how will they do it, and what 
will be the mechanism for updating that list?

Lessee...

You're suggesting there is a problem here, whereas, in the current 
system who gets to determine that something is "bad" and that this list 
needs updating is someone other than the system admin or user?

Users will click on "OK" when asked "IS this a good thing?", because if 
they click on "Not OK", then whatever it was they were trying to do, won't 
work, and they'll learn quite quickly that "OK" is the answer that works.
 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

