| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200409021438.i82EcmJU013077@turing-police.cc.vt.edu> From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Response to comments on Security and Obscurity On Wed, 01 Sep 2004 15:03:03 EDT, "Clairmont, Jan M" said: > The Clairmont-Everhardt Index of potential Security vulnerability being equal > to the (Number of Computers)! * (Number of People using the systems)! * (Number of Ports)! > * (the Lines of Code)! * (The number of Applications)! * (Number of Routers/Hubs)! > and any other factors you wish to include. Given the "any other factors" clause, I won't ask what mathematically rigorous reason there is to suspect that the factorial function is the proper one to use. :) For starters, although our network has well over 2,000 routers/switches/access points, the number that are directly impacting the security of the computer I'm typing on is down in the several dozen range. Similarly, one could make the case that it should be "(number of computers)" and "(*AVERAGE* number of people per system)" or a product of "number of users" times "number of systems each user has access to". And so on.... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040902/41a03c8e/attachment.bin
Powered by blists - more mailing lists