| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1162052889.4090.14.camel@anduril.intranet.cartel-securite.net> Date: Sat, 28 Oct 2006 18:28:09 +0200 From: Cedric Blancher <blancher@...tel-securite.fr> To: gabriel rosenkoetter <gr@...ipsed.net> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [ Capture Skype trafic ] Le samedi 28 octobre 2006 à 11:53 -0400, gabriel rosenkoetter a écrit : > I don't see how this isn't still an HR problem. Ressources usage will definitly end-up in HR problem, but that does not mean you don't have to filter. There are technical means to block execution of arbitrary applications, as pointed out before, and that's just an example of what can be done from a technical perspective. Sometimes, you can consider risk low so you can let education deal with it for you. Sometimes you can't. I think Skype may induce risks that I wouldn't let to education alone. As a more general matter and as you said before, filtering will never work by itself, but it also applies to education. Education is not sufficient, or we would have noticed it before. And if users security is all about HR, and I really don't understand why we put so much protection around what they do... -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists