Message-ID: <1438152063.20040902174139@SECURITY.NNOV.RU>
From: 3APA3A at SECURITY.NNOV.RU (3APA3A)
Subject: Response to comments on Security and Obscurity
Dear James Tucker,
--Thursday, September 2, 2004, 3:16:45 PM, you wrote to 3apa3a@...urity.nnov.ru:
>> Even more. This is a very common scenario and this scenario must be
>> covered by security policy. You are either unfamiliar with this problem or
>> your information is out of date.
JT> Security policies never "go out of date" and this scenario as you
JT> agreed with me, is still common today. If it is still common then
JT> please explain how is this "out of date"?
Security policy is never out of date because it's reviewed on a regular
basis. It's your information about available solutions that is out of
date.
JT> Even viri don't go "out of date", although many virus checkers
JT> probably don't hold some of the really old DOS, amiga, apple and unix
First, you constantly mix up virii with worms and trojans. OK, let's think,
as you said, "malware". Whether malware is out of date or not depends on
the protection method you use against it. If you use antivirus - OK. You're
protected against known viruses and maybe some future modifications of
known viruses. This is very poor protection. A good protection is
creating sandboxes on the application, OS or hardware level. For example, in
a very simple case where the user can only run a signed application from an
allowed list, most virii become out of date.
In fact, the problem of virii is one of the largest and most expensive
hoaxes. An antiviral program gives no protection. You can treat it as a
kind of auditing tool which can alert you in case of poor
administration (you must sack your administrator if you catch virii on
your internal network) and filter some junk mail on your mail server,
like a spam filter does.
JT> virus definitions. As we have seen in another discussion on this
JT> list there may well still be a risk of possible infection over
JT> RS232, no matter how unlikely it is, I respect the author of that
JT> question for asking about such possibilities. He was clearly trying
JT> to cover all bases.
I have a different opinion on this question. I do not read this
discussion because I know the answer, even for the case where there is no
network protocol bound to the port and no software service listening on it.
I can point you to a real-life exploit with executing code directly from the
port (of course, if you want to learn these dirty exploitation things).
See the "Bonus" section in
http://www.security.nnov.ru/search/document.asp?docid=6145
JT> I am aware of this, however follow the same scenario through to
JT> fruition and you will find the CEO doesn't bother to take out his
JT> smart card, at least for the first 6 months of having one. Education
It means spending the first 6 months without leaving the room for him, because
he will not be able to leave the room without taking out his smart card.
As far as I know human organism resources, you will need a new CEO after
one week if there is no water supply in the room. It must be a really good
test for the CEO's IQ.
JT> it would have been more efficient
JT> to pay a guard to stand at the door.
And to pay another guard to look after the first guard, because he can also
leave for lunch. The more people have access to the system, the less secure
the system is. Today it's the human that becomes the weakest link in security.
--
~/ZARAZA