[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1193303990.18559.28.camel@tara.firmix.at>
Date: Thu, 25 Oct 2007 11:19:50 +0200
From: Bernd Petrovitsch <bernd@...mix.at>
To: Ray Lee <ray-lk@...rabbit.org>
Cc: Chris Wright <chrisw@...s-sol.org>,
Casey Schaufler <casey@...aufler-ca.com>,
Adrian Bunk <bunk@...nel.org>,
Simon Arlott <simon@...e.lp0.eu>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Jan Engelhardt <jengelh@...putergmbh.de>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andreas Gruenbacher <agruen@...e.de>,
Thomas Fricaccia <thomas_fricacci@...oo.com>,
Jeremy Fitzhardinge <jeremy@...p.org>,
James Morris <jmorris@...ei.org>,
Crispin Cowan <crispin@...spincowan.com>,
Giacomo Catenazzi <cate@...ian.org>,
Alan Cox <alan@...rguk.ukuu.org.uk>
Subject: Re: Linux Security *Module* Framework (Was: LSM conversion to
static interface)
On Mit, 2007-10-24 at 17:35 -0700, Ray Lee wrote:
[....]
> Key-based masterlocks are easily broken with freon, and their combo
> locks are easily brute-forced in about ten minutes. Yet, I'll still
> use them to lock up my bike and garage.
The question is what the security threat is and the value of the secured
items.
> The idea that poor security is worse than no security is fallacious,
> and not backed up by common experience.
The common experience is, that common people just *feel* safer (just
because they have poor security).
With no security, they know that there is no security. With poor
security, they do not know (or can deny) that they have next to no real
security.
The prime example here is the usual (so-called) "personal firewall" on
Windows where people work normally as "administrator".
Bernd
--
Firmix Software GmbH http://www.firmix.at/
mobil: +43 664 4416156 fax: +43 1 7890849-55
Embedded Linux Development and Services
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists