> Detecting viruses is a fundamentally losing battle: a > sufficiently advanced virus can fully simulate a clean > computer for the scanner to run in. > > On the other hand, writing an OS that doesn't get > infected in the first place is a fundamentally winning > battle: OSes are insecure because people make > mistakes, not because they're fundamentally > insecurable. > > Detecting spam by analysis of the text is another > losing battle: even humans can't always agree on > what's spam. > > The maddening part is that security as an industry is > almost always forced to fight on the losing > battlefields, even though we've had beautiful, > efficient, impregnable fortresses available for many > years. Any crypto book from 20 years ago can show you > how to send an unforgeable email or sign a binary, yet > these notions still haven't widely caught on
Books from twenty years ago will not tell you how to make your impregnable fortress useful, usable, and convenient. Impregnable fortresses tend to be located at the North Pole, and customers fail to show up. Further, often what is built is an impregnable wall, rather than an impregnable fortress. The other three walls are overlooked, or if overlooked, there is no way in, or if a way in is provided, anyone can go through it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]