Firewall Wizards mailing list archives

Re: Apology - not necessary

From: "Stephen P. Berry" <spb () incyte com>
Date: Wed, 30 Sep 1998 09:20:55 -0700

-----BEGIN PGP SIGNED MESSAGE-----



John Nicholson <jnichols () prg com> wrote (responding to Perry E. Metzger):

You seem to have no problems about the same implication for French
software. Would you have the same objection if someone had written, "A
reasonably paranoid sysadmin should consider avoiding Russian (or Soviet)
firewall technology"? I notice that you did not comment on the assertion
that the Israelis had been caught with their hand in the cookie jar. If
that is true, then why should a reasonably paranoid person NOT think twice
about using software that could have been influenced by that gov't?


A reasonably informed paranoid person would realise that if past
behaviour is a good metric for estimating future behaviour, then a
person or organisation has far greater risk of being covertly monitored
by their own government than a foreign one.  Should we then avoid
security products developed in our own nation?

Beyond that, that same reasonably informed paranoid person would probably
come to the conclusion that background checks for and daily body searches
of the custodial staff would do more to thwart any possible Mossad
surveillance efforts than not using Firewall1 would.

And if any of the above scenarios are a serious concern, the reasonably
informed paranoid person probably wouldn't be using a commercial firewall
in any case.

Further, our reasonably informed paranoid person would probably avoid
developing and implimenting a security infrastructure in which a single
point of failure would result in overall compromise of the entire
enterprise[1].  If your firewall actually -had- an Israeli backdoor,
pragmatically what impact would that have on your business?  Would you
find out about it if it was used?



- -Steve


- -----
1     Perhaps mod payoff to our reasonably informed paranoid person.  This
      would again depend on what sort of organisation we're discussing.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNhJaOirw2ePTkM9BAQEPugQAi0PguTd4JUsXX+ZPgLdaNtPSUDikPW/s
dfkup86tBA3ThcoQ5NRU6r605S1uusTOeF7JbbqCtmH5It3ZdAcNGT68m1KfGG9y
AeLMLgNwJCVlPuSS5UDHo9unMR+EIGBa+sO4VoKDYzXxCtu/QVo9/pntNMmCXRzX
1pd31K1GzC0=
=cmyv
-----END PGP SIGNATURE-----

Current thread:

Re: Apology - not necessary Stephen P. Berry (Oct 01)
- Re: Apology - not necessary Paul D. Robertson (Oct 01)