At 10:22 PM 10/13/2003 +1300, Peter Gutmann wrote:
So why is this stuff still present in the very latest certification
requirements?  Because we're measuring what we know how to measure, whether it
makes sense to evaluate security in that way or not.  This is probably why
penetrate-and-patch is still the most widely-used approach to securing
systems.  Maybe the solution to the problem is to figure out how to make
penetrate-and-patch more rigorous and effective...

I would contend that the penetrate-and-patch model is because the original base was not designed for 7x24, fully interconnected environment. some slightly related comments on the subject: Poor People's OS

The air force found none of the problems in the studied infrastructure: Thirty Years Later: Lessons from the Multics Security Evaluation another 30 year thing Thirty Years Later: Lessons from the Multics Security Evaluation grey-haired assembler programmers (Ritchie's C) A Dark Day

the contention is that the system was designed to handle the circumstances. The currently common distributed software was not originally designed to handle this kind of situation .... and repeatedly it has been demonstrated for assurance to work well .... it has to be designed in from the start .... not added on afterward.

At various times, we had polite competition since the worked referenced in the air force study was done on the 5th floor of 545 tech. sq ... and I was on the 4th floor ... also working on what was considered a secure (but totally different) system.

There were issues about unfair comparison since at the time of the following .... the totally number of systems ever existing for the 5th floor system was something over one hundred. The total number of just internal corporate machines running the 4th floor system was in the thousands and the number of customer machines were low tens of thousands. So we just had light hearted competition with regard to just code I wrote .... and the number of (internal) machines that I directly provided systems for (something over a hundred ... comparable to the total number of 5th floor systems).

The following reference was the system that the air force data center in the pentagon was running was getting old ... and they were looking at newer hardware, in this case initially twenty newer machines, each with about the same MIP rate of the aging machine running the 5th floor system. As referenced, this then turned into 210 such machines: departmental servers

Anne & Lynn Wheeler
Internet trivia 20th anv

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to