Firewall Wizards mailing list archives
Re: How automate firewall tests
From: Cat Okita <cat () reptiles org>
Date: Tue, 29 Aug 2006 10:29:58 -0400 (EDT)
Marcus J. Ranum wrote:For the last 15 years we've been presented with a constant litany of important agencies, sites, and systems that have been hacked into because people don't believe that doing security right is practical.By the way, I'm not saying it _IS_ practical. That's the point. Sometimes "practical" doesn't enter into the picture. If your systems need to be secure then it's not a matter of practicality; they either are secure or they aren't. Actually securing systems is hard brain-work and is definitely going to affect the user experience in various inconvenient ways. "So what?" We've seen where "practical" has gotten us.
We've also seen where failing to take the user experience into account has gotten us - it's fine to say "make the user experience suck" - but that's one of the sure, documented ways to make sure that the user -will- find ways to bypass security (whether technical or layer 9). If nothing else, we can learn from the military, where the user experience is sometimes dramatically sucky - but there's usually a well understood threat model and process associated with the suck. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: How automate firewall tests, (continued)
- Re: How automate firewall tests Tim Shea (Aug 21)
- Re: How automate firewall tests Paul D. Robertson (Aug 21)
- Re: How automate firewall tests ArkanoiD (Aug 21)
- Re: How automate firewall tests Marcus J. Ranum (Aug 21)
- Re: How automate firewall tests Chris Blask (Aug 22)
- Re: How automate firewall tests Patrick M. Hausen (Aug 22)
- Re: How automate firewall tests Chris Blask (Aug 23)
- Re: How automate firewall tests Crispin Cowan (Aug 28)
- Re: How automate firewall tests Marcus J. Ranum (Aug 28)
- Re: How automate firewall tests Marcus J. Ranum (Aug 28)
- Re: How automate firewall tests Cat Okita (Aug 29)
- Re: How automate firewall tests Marcus J. Ranum (Aug 23)
- Re: How automate firewall tests Jim Seymour (Aug 23)
- Re: How automate firewall tests Tina Bird (Aug 23)
- Re: How automate firewall tests lordchariot (Aug 23)
- Re: How automate firewall tests Jim Seymour (Aug 21)
- Re: How automate firewall tests Chris Byrd (Aug 21)
- Message not available
- Re: How automate firewall tests Marcus J. Ranum (Aug 22)
- Re: How automate firewall tests Keith A. Glass (Aug 20)
- Re: How automate firewall tests R. DuFresne (Aug 23)
- Re: How automate firewall tests Jim Seymour (Aug 23)