
BLU Discuss list archive



Frackin script kiddies!!



On Tue, Aug 03, 2010 at 07:48:58AM -0400, David Kramer wrote:
> Dan Ritter wrote:
> >> Well, I actually did some academic research into this area when I was
> >> working at Aptima, but more importantly, as an Agile Software Engineer I
> >> am into continuous improvement.  Every new thing I learn I can check
> >> for, every time I find an avenue of attack, I adapt to it.
> > 
> > Good. This time, the lesson I hope you learn is that reducing
> > your attackable surface will lower the amount of work you have
> > to do in future.
> 
> You're suggesting I remove functionality that I need in the name of
> security.  I can make the box even more secure by removing it from the
> internet, but it wouldn't be able to do what I need.

Yes, that's a trade-off. If security didn't involve trade-offs,
we would all be perfectly secure.

I'm suggesting that you keep the same functionality, but make it
a little harder for yourself to access it, while making it
extremely difficult for anyone else to access it.

I wish you good luck in your future endeavors.

-dsr-


-- 
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.






BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org