Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: Linked-in and its Phishing-like contacts option!
From: Bennett Todd <bet () rahul net>
Date: Fri, 26 Apr 2013 12:35:21 -0400

On Apr 26, 2013 10:44 AM, "Marcus Ranum" <mjr () ranum com> wrote:

 Bennett Todd wrote:
If user operational security was adequate, we could retire our firewalls
Software flaws.

For myself, I prefer using software that's sufficiently simple, or widely
scrutinized, that it's not an easy target for an unskilled thug with little

I'm happy to keep everything on systems patched up, for all my users.

But they invariably choose to use systems that have never been nor will
ever be secure, due to their complexity.

I think MIME represented a landmark, tragic fall we'll never recover from.

Unwise or imprudent folk have always dabbled with file formats that
embedded programming languages, but they used to have to at least try some
social engineering to fool their victims into running their intrusions. But
MIME made it too easy to automate any manual intervention out of existence.

So, I agree, software flaws, where the root flaw happens early in the
design process, in the problem specification, deciding to solve "problems"
that were in fact features.
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]