[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CERT statement

To: Thomas Grant Edwards <[email protected]>
Subject: Re: CERT statement
From: Marc Horowitz <[email protected]>
Date: Thu, 26 Jan 1995 16:42:17 -0500
Cc: [email protected]
In-Reply-To: Thomas Grant Edwards's message of 26 Jan 1995 20:15:10 -0000
Sender: [email protected]

>> What we need to concentrate on is secure systems that are not vulnerable 
>> to IP spoofing, as opposed to firewalls.

You're exactly right.  However, getting people to deploy real security
systems is nearly impossible.  My company sells a kerberos system, and
although everyone is saying they want security, nobody really
understands what this means, and as soon as we tell them that it
actually involves effort, they become far less interested.  Even
though I've seen companies get hosed because of lame security, the
people who matter aren't willing to commit.

I'm hoping that as firewalls begin to fall, that the CERT will stop
recommending half-assed solutions.  We'll have to wait and see.

		Marc

Follow-Ups:
- Re: CERT statement
  - From: "Perry E. Metzger" <[email protected]>

Prev by Date: Re: Starting a remailer
Next by Date: Re: anonymous IRC access....
Prev by thread: Re: pgp content type RFC
Next by thread: Re: CERT statement
Index(es):
- Date
- Thread