[IP] more on Chinese hackers
-------- Original Message --------
Subject: Re: [IP] more on Chinese hackers
Date: Fri, 25 Nov 2005 23:36:07 -0500
From: Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>
To: dave@xxxxxxxxxx
References: <4387C70F.2070804@xxxxxxxxxx>
In response to Bob Frankton's post:
Encryption is not the issue. Software that is full of flaws, was
never designed to properly protect information, has bad interfaces,
is operated by poorly trained personnel according to weak policies,
and has no real security model -- that's more the problem. Deploy
encryption more widely in this environment and it might actually make
it more difficult to view audit trails and track down anyone abusing
the systems! Encryption can help in some places, but it doesn't
stop viruses, exploitation of bugs, installation of spyware, and more.
Moore's law doesn't necessarily have much to do with it, either. Too
many organizations are caught in circumstances where they feel
pressured to upgrade because the companies are releasing new software
to maintain their revenue stream. There is seldom any real need for
the customer to get the new releases, except maybe in hopes of
getting something more stable, or because the old software is no
longer supported. Of course, getting the new software, with all its
bloat, requires buying new hardware.... For simple office
automation or many database & communication applications there is no
need for faster systems ].... if only the software in place wasn't so
full of bugs and vulnerable.
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/