Excellent stuff!
Posted Jan 31, 2008 11:40 UTC (Thu) by pr1268 (guest, #24648)
Parent article: LCA: Bruce Schneier on the two sides of security
Thank you, Jon, for this article. This article (and the ten-year timeline part 4, above) certainly contribute to me being a satisfied subscription customer. :-)
My own thoughts, comments, and epiphanies below:
- I openly admit to having been loath to run Wireshark due to its well-publicized patch rate. I was unaware that this is actually the result of proactive security (instead of reactive). Assuming this is the case, the Wireshark developers should serve as a model for all application developers working on security-sensitive software.
- My own experience with SELinux (way back in the FC2 days) was that controlling SELinux on a system was akin to running a nuclear power plant from the control room. So many "dials", "knobs" and "switches" to control, and accidentally throwing one wrong switch could scram the whole system.
- The Transportation Security Agency is the most egregious example of a purely reactionary, horribly-implemented sorry excuse of an ineffective government bureaucracy I've ever seen. Ironically, I'm not sure that the American public even gets any feeling of security with the TSA. I personally don't perceive that I'm any safer (in reality) due to the TSA. But, oh well, taxpayers are willing to fund the feeling of security, and even I can't blame others for these feelings after witnessing the events of 9/11.
Just my $0.02 and change...
Excellent stuff!
Posted Jan 31, 2008 11:48 UTC (Thu) by nix (subscriber, #2304)
Wireshark uses privilege separation now, so problems in the packet dissectors will only
compromise the low-privilege account used to do the packet dissection. :)