dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
18
share rss forum feed


Mospaw
My socks don't match.
Hawaiian Jellyfish
join:2001-01-08
Mile High
kudos:1

2 recommendations

reply to pandora

Re: Sigh

said by pandora:

One day companies generally have got to get hold of security generally.

As long as they have humans programming the computers, or even robot programmers who were programmed by humans (and so on and so on), this won't happen.

Security has to be perfect to be absolute. The attackers only need to find one vector.

Disclaimer: I am a human who programs computers.

Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1
And perfect security can never be done even if you had perfect programmers assisted by perfect robot programmers.

As lets face it, the #1 hole is still the the meat bag in the chair. Get a user to click yes on something and the hacker just infected their PC and sniffed their passwords.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports

zerog

join:2002-02-10
Carrollton, TX
kudos:1

2 edits
reply to Mospaw
quote:
Security has to be perfect to be absolute. The attackers only need to find one vector.

disagree. Security has to be "good enough" or sufficiently secure proportional to what is being protected.

That is obviously not happening here, and in most of the cases where we see "security fails"

There is no "absolute security" - anyone who starts talking that way is trying to sell you anti-virus software, or some "enterprise class security system that will keep the hackers out!".

The only absolute perfect security that can be obtained is for something which absolutely does not perfectly exist.


dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
kudos:4

1 recommendation

reply to Mospaw
said by Mospaw:

said by pandora:

One day companies generally have got to get hold of security generally.

As long as they have humans programming the computers, or even robot programmers who were programmed by humans (and so on and so on), this won't happen.

Security has to be perfect to be absolute. The attackers only need to find one vector.

Disclaimer: I am a human who programs computers.

surprising they don't write compilers that check for buffer overflow conditions before they'll compile an exe or dll
--
Despises any post with strings.