> Detecting viruses is a fundamentally losing battle: a
> sufficiently advanced virus can fully simulate a clean
> computer for the scanner to run in.
> On the other hand, writing an OS that doesn't get
> infected in the first place is a fundamentally winning
> battle: OSes are insecure because people make
> mistakes, not because they're fundamentally
> insecurable.
> Detecting spam by analysis of the text is another
> losing battle: even humans can't always agree on
> what's spam.
> The maddening part is that security as an industry is
> almost always forced to fight on the losing
> battlefields, even though we've had beautiful,
> efficient, impregnable fortresses available for many
> years. Any crypto book from 20 years ago can show you
> how to send an unforgeable email or sign a binary, yet
> these notions still haven't widely caught on

Books from twenty years ago will not tell you how to
make your impregnable fortress useful, usable, and
convenient.  Impregnable fortresses tend to be located
at the North Pole, and customers fail to show up.

Further, often what is built is an impregnable wall,
rather than an impregnable fortress.  The other three
walls are overlooked, or if overlooked, there is no way
in, or if a way in is provided, anyone can go through

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to