Frackin script kiddies!!

Dan Ritter dsr-mzpnVDyJpH4k7aNtvndDlA at public.gmane.org
Tue Aug 3 08:48:40 EDT 2010


On Tue, Aug 03, 2010 at 07:48:58AM -0400, David Kramer wrote:
> Dan Ritter wrote:
> >> Well, I actually did some academic research into this area when I was
> >> working at Aptima, but more importantly, as an Agile Software Engineer I
> >> am into continuous improvement.  Every new thing I learn I can check
> >> for, every time I find an avenue of attack, I adapt to it.
> > 
> > Good. This time, the lesson I hope you learn is that reducing
> > your attackable surface will lower the amount of work you have
> > to do in future.
> 
> You're suggesting I remove functionality that I need in the name of
> security.  I can make the box even more secure by removing it from the
> internet, but it wouldn't be able to do what I need.

Yes, that's a trade-off. If security didn't involve trade-offs,
we would all be perfectly secure.

I'm suggesting that you keep the same functionality, but make it
a little harder for yourself to access it, while making it
extremely difficult for anyone else to access it.

I wish you good luck in your future endeavors.

-dsr-


-- 
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.




