John Embretsen wrote:
Daniel John Debrunner wrote:
Not sure on that basis if I would call 10.3 "safer". If there are N
ways to break security and less than N is closed, then a system is not
more secure.
I tend to disagree. There will _always_ be security holes in systems
such as Derby. Does that mean that we can never use the terms "more
secure" or "safer"? Of course, there are no guarantees, but hopefully we
are closing more (at least more severe) security holes than we are
introducing with this release. I would define this as being "more
secure" and "safer", though not "secure" nor "safe".
I think there's the problem, what security holes are being closed and
which are being opened. Is there a positive net change that would make
anyone (more?) comfortable running an unauthenticated server on their
own machine?
If this reasoning is not valid, would it also be wrong to say that Derby
10.3 is safer than 10.0?
I hadn't thought about that much, I don't remember much improvement from
10.0 to 10.2, so I would guess 10.3 is not more secure than 10.0. I'm
talking about the situation where a network server is listening on a
remote host without authentication and a user neglected to install a
security manager. That is some claim that Derby 10.3 is more secure in
that situation than before, I'm just doubting that claim. 10.3 can be
made to be more secure than 10.0 due to security manager improvements,
grant revoke etc, but that's not what the e-mail to the user list is
addressing.
Would it be wrong to say that using encryption is safer than not using
encryption at all?
Depends on where the key is stored. If it's a fixed key (e.g. in an
application) or the key is easy to find then encryption is no more secure.
For example, I know that the encryption in my home Wi-Fi network can be
cracked, but I still regard the system as safer (more secure) than my
neighbor's unencrypted Wi-Fi network.
And so would I, unless I could easily connect into your encrypted
network without knowing the password or encryption key and change its
configuration to no longer be secure. (Which is what 10.3 continues to
allow).
The wi-fi networks are a interesting comparison. Their mode out of the
box is insecure and allowing remote access. Derby's network server is
insecure but disallowing remote access.
Dan.
