lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Nov 2003 10:09:53 -0600 (CST) From: Ron DuFresne <dufresne@...ternet.com> To: vb@...tpanic.ulm.ccc.de Cc: bugtraq@...urityfocus.com, full-disclosure people <full-disclosure@...ts.netsys.com>, "Thomas M. Payerle" <payerle@...sics.umd.edu> Subject: Re: Re: Funny article [SNIP] > > What Thomas also overlooks is the fact that security is not an add-on, > it is a goal which is reached by concept. > Actually, security is in fact an 'add-on' a 'shim', which makes all in the info-sec realm akin to remodelers. Had TCP/IP a prime focus upon security this might be a different matter as you suggest, but, such is/was not the case. And since most programs and the processes that brought them into being by their creators do not put security at the forefront of the design/programming process, applications tend to mimick the TCP/IP model. So, we remodel, shim and retrofit <smile>. The carpentry of IT... Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists