lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: dufresne at winternet.com (Ron DuFresne)
Subject: Re: Funny article

	[SNIP]

>
> What Thomas also overlooks is the fact that security is not an add-on,
> it is a goal which is reached by concept.
>


Actually, security is in fact an 'add-on' a 'shim', which makes all in the
info-sec realm akin to remodelers.  Had TCP/IP a prime focus upon
security this might be a different matter as you suggest, but, such is/was
not the case.  And since most programs and the processes that brought them
into being by their creators do not put security at the forefront of the
design/programming process, applications tend to mimick the TCP/IP model.

So, we remodel, shim and retrofit <smile>.

The carpentry of IT...


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ