From owner-freebsd-security Thu May 11 9:39:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 5767E37B574 for ; Thu, 11 May 2000 09:39:09 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id MAA17559; Thu, 11 May 2000 12:39:04 -0400 (EDT) (envelope-from wollman) Date: Thu, 11 May 2000 12:39:04 -0400 (EDT) From: Garrett Wollman Message-Id: <200005111639.MAA17559@khavrinen.lcs.mit.edu> To: Paul Hart Cc: Garrett Wollman , freebsd-security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output In-Reply-To: References: <200005111611.MAA17380@khavrinen.lcs.mit.edu> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > That's a scary thought. "Our security depends on all attackers being > stupid." No, not at all. Just because a security mechanism can be bypassed by an expert does not imply that it is totally useless. Security is still improved overall by being able to catch stupid attackers! > Shouldn't we work toward meaningful tools that cannot be > subverted even by the most skilled of attackers? That is certainly a worthwhile goal. However, there is a valid engineering trade-off between the value of a system and the cost of implementing more advanced security services. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message