lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 14 Apr 2008 14:42:45 -0400
From: "Garrett M. Groff" <groffg@...design.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: Fwd: n3td3v has a fan

I appreciate Valdis's point and agree with it. I'll posit that there is an 
optimal balance that can be achieved vis-a-vis security. I'll use airport 
security as my example. In this case, security theater becomes a political 
necessity (fed gov't needs to look responsive after 9/11 to re-assure people 
that something is being done). If people are being assured that something is 
being done, that can (potentially) lower the "level" at which people feel 
terrorized, as they believe that they are protected. However, if security 
theater becomes too restraining or inordinately conspicuous, the perception 
of safety could back-fire, as people feel one or both of the following: a) 
the authorities are desperate; and b) authorities inconvenience (at best) 
and detain (worse) innocent parties. That second point could lead to a 
backlash against the very security that is (ideally) protecting the populace 
from terrorism-by-plane.

Security theater by itself is disadvantageous by definition. Further, 
security theater might provide a "good show" where people think they are 
secure, creating an environment that reduces pressure to enact more 
meaningful but less visible security measures.

Bottom line: security theater isn't universally "bad." But it is 
incontrovertibly insufficient.

- G

----- Original Message ----- 
From: <Valdis.Kletnieks@...edu>
To: "G. D. Fuego" <gdfuego@...il.com>
Cc: <full-disclosure@...ts.grok.org.uk>
Sent: Monday, April 14, 2008 2:23 PM
Subject: Re: [Full-disclosure] Fwd: n3td3v has a fan


> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ