[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is this mail list dead?

To: securedistros@nl.linux.org
Subject: Re: Is this mail list dead?
From: Pedro Rosa <Pedro.Rosa@ksu.ru>
Date: Tue, 20 Mar 2001 12:44:29 +0300
References: <Pine.LNX.4.21.0103171451490.13050-100000@imladris.rielhome.conectiva> <3AB3D7BB.5BCB9E1D@wirex.com> <3AB69E61.D0AC3C6D@sgi.com>
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@nl.linux.org
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-9mdksmp i686; en-US; 0.8) Gecko/20010319

Casey Schaufler wrote:

> Crispin Cowan wrote:
> 
>> Casy's claims not withstanding, it is my perception that the market has
>> spoken loud and clear:  C2 is *not* wanted by very many customers.
> 
> 
> It is called out often enough that every system vendor
> supplies it.

We all know THAT system vendor. Have you tried to enforce the rules and 
use that system? There is rumours that even NSA tried hard. Wonder if 
they were successful. Anyway I'm not NSA and so my ex kicked me out of 
home...

> 
> 
>> There's
>> a long trail of wreckage of companies who built orange book style secure
>> systems, and then discovered to their regret that there was no market for
>> such systems.
> 
> 
> Badly baked cookies don't sell, either!

I wouldn't say sooooooo. You see, software is still untasteful. Thanks 
God...

> 
> 
>> The one who is "doing it" might be well advised to see whether anyone else
>> cares :-)
> 
> 
> Security(*) on a computer is like anchovies on a pizza.
> Most people don't want 'em, but the pizzaria that does
> not have them finds it's sales down much further than
> the fishes account for themselves.
> 
> [*} My kind of security. The evil kind. Assurance. Bwah hah hah.

No, your analogy is not quite correct. I would change those anchovies 
for that fish that love so much in Japan... That's more about how 
Security works...

> 
> 
>> We know how to build systems that are useful, and we know how to build
>> systems that are secure.  The main challenge is to build systems that are
>> both useful and secure.
> 
> 
> And cheap!
> 
Not exactly. In Security one should value the cost of Security measures 
against the range of possible losses they pretend to prevent. Such 
evaluations may go through the millions. No I don't think that this is 
Fantasy World and I do think Linux may be an answer to multi-million 
dollar tasks. In fact it is now a solution. Just near here the little 
Tux saved a project costing nearly US$1,25 million, by substituting NT 
on tens of machines. Btw security costs there were probably no less than 
US$20,000.


Ektanoor

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

Follow-Ups:
- Re: Is this mail list dead?
  - From: Casey Schaufler <casey@sgi.com>

References:
- Re: Is this mail list dead?
  - From: Rik van Riel <riel@conectiva.com.br>
- Re: Is this mail list dead?
  - From: Crispin Cowan <crispin@wirex.com>
- Re: Is this mail list dead?
  - From: Casey Schaufler <casey@sgi.com>

Prev by Date: Re: Linux at C2 - was Re: Is this mail list dead?
Next by Date: Re: Linux at C2 - was Re: Is this mail list dead?
Prev by thread: Re: Is this mail list dead?
Next by thread: Re: Is this mail list dead?
Index(es):
- Date
- Thread