From: frank at knobbe.us (Frank Knobbe)
Subject: CyberInsecurity: The cost of Monopoly

On Sun, 2003-09-28 at 13:04, Michal Zalewski wrote:
> I'd argue... many vendors [...]
> provide integrated corporation-wide mechanisms for enforcing group
> firewalling, access and logging/IDS policies on workstations or groups of
> workstations (and, why not, also servers).
> [...]
> The technology is there. It takes some effort to use it and do it
> correctly, of course.


Michal, 

I think Paul's sentiment was that current efforts are focused on
networks, IP addresses, firewalls, protocols, etc., basically focusing on
the _transport_ of data. I think what we need are better mechanisms to
protect the _data_ itself, not just the transport/protocol of it. I'm
not talking about Palladium crap, but more in the direction of more
efficient ACLs, RBAC, and finer system-level control. We *can* harden
the chewy insides by applying better controls. (All too often I see
networks with Share and File/Dir permissions being
Everyone-Full_Access...).

Paul, feel free to disagree if I put words in your mouth ;)

Cheers,
Frank
