Simon Bullen's Weblog

Friday May 04, 2007

Do We Really Need a Security Industry?

Bruce Schneier has written an interesting blog article, and in my opinion some of the statements are both accurate:-

"The primary reason the IT security industry exists is because IT products and services aren't naturally secure"

Then a bit Windows-orientated:-

"If computers were already secure against viruses, there wouldn't be any need for antivirus products"

I haven't renewed my Solaris or Mac antivirus for some years now.

Back to accurate again:-

"If bad network traffic couldn't be used to attack computers, no one would bother buying a firewall. If there were no more buffer overflows, no one would have to buy products to protect against their effects."

To:-

"If the IT products we purchased were secure out of the box............"

That would be Solaris then?


Comments:

A few thoughts...

I seem to remember Bill Joy saying that "network security was solved in 1976". This may not be entirely accurate, but I never got to ask him which protocol stack he was referring to. It wouldn't have been TCP/IP, certainly.

Schneier's piece reads like the flipside of a quip I used to make in 2005, having been to the RSA conference and (along with nigh on half of the audience) walked out of Bill Gates' keynote; "Any Gates speech at a security conference should begin with the words 'I'm really, really, *really* sorry'" :-).

OpenSolaris and Solaris Express are now secure out of the box (modulo holes being found in Solaris Secure Shell), however the service-disabling facility in Solaris 10 is still not the default (i.e., a completely default install still leaves the box listening on rather more non-loopback ports) for reasons of backward compatibility.

Posted by Dave Walker on May 04, 2007 at 03:00 PM BST #

And if everyone learnt to drive we wouldn't need seatbelts and airbags!

You can never underestimate the human factor. The reason malware and trojans don't exist for Solaris or Mac is that there's not enough critical mass for desktop users for people to bother writing them. Sure - the damage they can do is more limited than it is under Windows, but that's not why they don't exist.

If Solaris, Mac or Linux ever get more than a trivial percentage of market share among non-techie users, the trojans/spyware/malware will follow!

Posted by Scott on May 04, 2007 at 03:37 PM BST #
