Re: IAB draft on security

At 11:01 26/07/99 +0200, Jacob Palme wrote:

>The document, like many other security documents, tells too much 
>about what will not work, too little on what will work. It seems as 
>if security experts are better at telling you that something is 
>dangerous or might not be secure, than telling you how to get 
>security. I would prefer to get more practical advice with
>recommendations on how to get the security you want.

I think this is a fair comment, that may also reflect the very nature of
security.

I am reminded of a little game that is very prevalent on a certain desktop
operating system:  Minesweeper.  (The goal is to uncover a number of hidden
mines by stomping on all the squares that do NOT contain mines:  to stomp
on a mine is sudden death.)

Making systems secure seems a similar kind of activity:  experts can tell
us where mines are known to exist, but it is both imperative and very
difficult to deduce where mines certainly do not exist.

#g

Received on Monday, 26 July 1999 09:34:26 UTC