| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ka at khidr.net (Ka) Subject: Security Industry Under Scrutiny: Part Two -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First of all a personal remark: Ka doesn't love you, and thinks you can do quite well without his love anyway .o) But: Sockz and list, my respect. Have you observed, that the more similiar some groups of people are, the eager they are to fight each other? Like Iran and Iraq - like Christians and Moslems - like Black-Hats and White-Hats. Family fights. Basically what is actually done by Black-Hats and White-Hats is the same thing: find holes and patch them (or is it not among the first things after a server is owned that the known software holes of the server are patched?). The only difference lies in the individual attitude, and even that may very well differ from instance to instance. But it is my opinion, that individuality cannot be governed by ethics finally. When the situation develops into a war between individual freedom against organized (governmental or criminal) "order" we will need each other - regardless of the color of our hats (if any). > Why would the government want to create fear? > Because catastrophes are good for the economy. And good for the self-image of the president and the citizens. What else does some president have, if you take that label away? What else do those who spell Citizen with a capital 'C' have, when you take that away? Then suddenly one is just as human as his enemy. > What we DO need is to redesign the current system to remove > vulnerability information from the eye of the general public... This is not possible. Just one single person, just some intentional or unintentional misuses of the information breaks the whole system. The alternative is to have more responseable individuals and more secure systems. For both as much information-exchange as possible is needed - not only technical information btw., but this individual opinions as well (which are often called "off topic", but which are part of the neccessary 'handicraft' or 'brotherly' exchange IMO). Including verbal fights now and then, including playing jokes with fake emails, including even some stupid remarks of this old baldhead me, why not? No system can function responseably if there are no response-able individuals. Worms or Script-Kiddies are just part of the background sounds of the internet djungle, they serve their purpose. No need to "fight" them, just protecting against them is sufficient. Real threats come from bigger animals, come from bigger organizations. No man should tell another man what to do, but I think we would be all better off with an internet which is not too much regulated by law or tied up by big "systems". Greetings Ka -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE92QNu72vu22ltWBERApEqAJ0dfivLaS/8tHq51wqvJqXBdlWtqQCfcKvY KOEpH0a2cJAEdFLtwp1/PhA= =yNB0 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists