Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained)

From: Crispin Cowan <crispin () wirex com>
Date: Mon, 07 Jan 2002 13:42:37 -0800
Bill_Royds () pch gc ca wrote:


The problem with using OpenBSD as a desktop is not security but
functionality. If I can't get the job done using the secure tools, then
the secure tools won't be used.
... When all the functionality
of software that makes enterprises work is available on a secure OS (and
MS will never make that OS), then we can convert to that OS.
We make that OS, and at a pretty decent price :-) Immunix is designed to enhance security without compromising on functionality, by applying a variety of tools (StackGuard, FormatGuard, RaceGuard) that limit the exploitability of the inevitable software vulnerabilities that come with lots of functionality.
In the absence of sneaky widgets like StackGuard, then I agree: security inevitably ends up being a trade-off with functionality, and for most purposes, functionality wins. 

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: