On Jan 19, 2007, at 4:06 AM, Bill Stewart wrote:

[...] if you're trying to protect against KGB-skilled attacks [...]

On the other hand, if you're trying to protect against
lower-skilled attackers, [...]

I always find these arguments particularly frustrating.

By slowly raising the bar for the lower-skilled criminals, you get the effect in Steven's firewall book cover (I forget the version, where you must be a certain height to attack the castle.)

For me, the bottom line is that if you protect against the former, then you get the latter, and it is only a small matter of time when the lower-skilled people will get a script to do the higher quality attacks. Remember WEP?

I really have to question continuing a snail's pace information protection arms war when we have all the tools we need to properly defend ourselves.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to