[Eug-lug] Security Focus interview with Marcus Ranum
Jacob Meuser
jakemsr at jakemsr.com
Wed Jun 22 17:25:18 PDT 2005
On Wed, Jun 22, 2005 at 03:49:29PM -0700, Jason wrote:
> I agree with some of Jacob's points, but I think there
> is a bit of a disconnect between:
>
> > yeah, security is hard. it's not something that
> > just happens.
>
> and
>
> > sorry, but as we've discussed before, if you leave
> > your front
> > door open, it's your fault if someone comes and
> > takes your stuff.
>
> At this stage of the game, there aren't many
> enterprises that I'd say are leaving their front doors
> open. Rather, with giant networks, 10s of thousands of
> hosts, 100s of applications to support, remote
> offices, etc. ad infinitum, the issue is that security
> is indeed difficult, and its near impossible to
> properly address every risk in any size environment.
>
> I don't see any 'endgame' with regard to
> infosec/hackers/etc. I look at the landscape the same
> way as normal cops and robbers - people will continue
> to commit crimes, and a huge number of $ will be spent
> (and people employed) to try and address the problem.
>
> A sad and pessimistic viewpoint, but I believe it's
> realistic.
agreed. however, the interview was not at all optimistic. there
_are_ new methods that actually help. there _are_ things going in
the right direction.
--
<jakemsr at jakemsr.com>
More information about the EUGLUG
mailing list