Firewall Wizards mailing list archives
Re: Mis-attribution - Re: How automate firewall tests
From: Crispin Cowan <crispin () novell com>
Date: Wed, 15 Nov 2006 12:11:10 -0800
Chris Blask wrote:
Gotta love how Paul and Marcus have taken care of us overthe years on the list. As Paul said in a side note, he's not a fan of socialism (neither am I). I thanked him for letting me make my own mistakes, f***ing pisses me off when committees force security on me.
So you're not a fan of mandatory access controls then? :)
I'm not in favor of paternalistic governments either, but there are
cases for mandatory controls:
* The subjects can't be trusted to defend themselves
o children need to be protected from themselves for at least
10 years
* The subjects are too valuable to be lost
o VIPs are actually subject to orders from their bodyguard
staff under emergency conditions
* The subjects self-carelessness actually pollutes the space of
those around them
o drivers who won't wear seatbelts increase health insurance
costs for the rest of us
o vulnerable software can be used to corrupt the rest of the
system; need application security policies (AppArmor)
o careless users may disclose organizational secrets; need
mandatory disclosure policy (MLS)
o careless users may bring infection into the organization;
need network access control (Cisco CSA)
My personal favorite paternalistic government issue: drugs. I want all
drugs legalized; the expense to society to try to control weed, heroin,
meth, etc. greatly exceed the damage caused by these substances. OTOH, I
want *strong* controls on antibiotics: idiots abusing antibiotics breed
antibiotic-resistant germs, which threaten all of us.
Caveat: my views on drug controls, and pretty much anything else, do not
reflect Novell's views.
Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hack: adroit engineering solution to an unanticipated problem
Hacker: one who is adroit at pounding round pegs into square holes
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 12)
- Message not available
- Re: Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 13)
- Message not available
- Re: Mis-attribution - Re: How automate firewall tests Paul Melson (Nov 13)
- Re: Mis-attribution - Re: How automate firewall tests R. DuFresne (Nov 13)
- Re: Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 13)
- Re: Mis-attribution - Re: How automate firewall tests R. DuFresne (Nov 15)
- Re: Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 15)
- Re: Mis-attribution - Re: How automate firewall tests Crispin Cowan (Nov 17)
- Re: Mis-attribution - Re: How automate firewall tests Brian Loe (Nov 18)
- Re: Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 18)
- Re: Mis-attribution - Re: How automate firewall tests Chris Blask (Nov 13)