Firewall Wizards mailing list archives
Re: SCADA
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Tue, 14 Apr 2009 17:49:03 -0500
Paul D. Robertson wrote:
The other side of the coin is that adding layers adds complexity and code- and adding code adds bugs- so you don't *always* get a net security gain by adding "protecion."
You raise a problem that I've spent too much time pondering. In effect, it refutes the "conventional wisdom" of computer security. Which goes as follows: Item #1 - Defense in depth is good Item #2 - Complexity is the enemy of security If #2 is true, #1 can't be, because defense in depth adds complexity. Puzzled, mjr. -- Marcus J. Ranum CSO, Tenable Network Security, Inc. http://www.tenablesecurity.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards