Firewall Wizards mailing list archives
Re: concerning ~el8 / project mayhem
From: ark () eltex ru
Date: Mon, 19 Aug 2002 20:05:26 +0400
"Marcus J. Ranum" <mjr () ranum com> said :
It's time to realize that there are things that are unknown to white hat community and a security expert should _predict risks_ instead of using traditional these days model "there is a bug recently discovered,Oh, COME OFF IT!! We've known THAT for EVER.
_We_ did. _THEY_ should be forced into that. The method is no good, but others did not work :(
It's only the desperate vendors and security newbies who subscribe to trivial penetrate-and-patch schemes. I've been known to advocate penetrate-and-patch-real-fast as an alternative to penetrate-and-patch-in-user-time but only out of frustrated desperation. Because the more obvious alternatives aren't happening due primarily to market pressures and cluelessness.
You said that. Aren't happening :( [dd]
So, please don't say "people need to get out of 'penetrate and patch'" when lots of us have been saying ALL ALONG that it's a bad idea. :) The fact that a huge number of people and organizations continue to do security design wrong is not because nobody knows how - unless you cound willful ignorance.
So they need a visual demonstration of the fact good design is _required_ and its absense cannot be compensated with pach-real-fast methods. Looks like they really do not want to know unless someone will force them. Yes, willful ignorance, you're right. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: concerning ~el8 / project mayhem, (continued)
- Re: concerning ~el8 / project mayhem Paul Robertson (Aug 19)
- Re: concerning ~el8 / project mayhem Tina Bird (Aug 19)
- Re: concerning ~el8 / project mayhem Adam Shostack (Aug 19)
- Re: concerning ~el8 / project mayhem Nate Campi (Aug 19)
- Re: concerning ~el8 / project mayhem Barney Wolff (Aug 19)
- Re: concerning ~el8 / project mayhem R. DuFresne (Aug 18)
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 19)
- Re: concerning ~el8 / project mayhem Iván Arce (Aug 23)
- Re: concerning ~el8 / project mayhem Crispin Cowan (Aug 23)