Redesign Internet Security - Are you up for it?
1/9/08 11:38:58 AM

So, I just saw that SANS are looking for "a few revolutionary ideas with the potential to reshape the landscape" of "cyber security".

Interesting idea, don't know where such an endeavour will lead though.



1/9/08 7:15:26 PM
The technologies already exist; migrating to them is going to be the hard part, and does not look like it will happen anytime soon.

Part of the inhumanity of the computer is that, once it is competently programmed and working smoothly, it is completely honest.

1/9/08 10:42:25 PM

I think a focused effort to solve the spam problem would go a long way.

Especially when you factor in that most spam originates from insecure systems.

How would we go about this? I'm not sure. I do point the finger at Microsoft for a lot of the problems we have, due to Windows and all of its security shortcomings. Vista, even though I've not used it, from the little I've heard is quite an improvement over XP as far as security goes, especially given the shift away from running everything with admin privileges.

I think accountability would go a long way, too, but this isn't the kind of thing that a random person/group/company can whip up. It needs legislation and active enforcement. It's unrealistic, but it'd be nice to see it illegal to have an unsecured/compromised computer live on the internet, with fines applicable to those who don't fix/remove the machine within an allowed grace period.

Naturally, there are manpower issues in enforcing/investigating, which is what would make this unrealistic, but I still like it as a basic idea. It'd also anger users of shitty software which would put pressure on vendors if they don't want to lose market share to more secure competitors.

5/9/08 11:04:36 PM


The major problem in security isn't a technical issue, it's a sociological issue.

If a system is broken into and hundreds of spam messages are sent or people's details are stolen, most companies just get a slap on the wrist and a short writeup in the paper.
But for the person who just had a heap of private data released into the wild it can be a total nightmare on so many levels.

Responsibility is a big thing missing as ecky points out.

Also, if there was a financial price levied onto the security of a product (by market forces or legislation), especially in terms of failure, I can guarantee you'd see a massive improvement.
It's not really a financial burden to release and then clean up a product that has shoddy security so it's rarely taken into account from the first steps.

