On Tue, 5 Sep 2000, Jesper Wall wrote:
>
>
> > [SNIP]
> >
> > > I tend to think of it as "A firewall is only as good as the people
> > > implementing it"
> > >
> > [Ron DuFresne wrote]
> > This totally disregards those that sat and coded it though. And, as
> > security audits show, clean, secure code is hard to comeby.
> > And consider,
> > some sources have been audited a number of times over hte
> > years with new
> > bugs popping up every now and then. If the source is insecure and
> > exploitable, no matter how good the implementor of the program copiled
> > from it, there will remain a gaping wound...
> >
>
> But in the end, its true that "A firewall is only as good as the people
> implementing it".
> The point is: No matter how good the coder of the firewall is. If the
> implementor (who is the last in the line) screw up, the firewall is useless.
> Then it makes no difference if the firewall is crap from begining or if its
> the best on the market.
>
>
But, it's not a half circle we are dealing wiht, but, the whole pie. If
we develope a shuttle, and it has defective O'rings that make it subject
to occasionally blowing up midflight, no matter how skilled those building
new one, nor the skills of those piloting them, they are still carrying
the same defect and potentially self destructive. Until the 'minor'
defect is dealt with.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
