-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brent:
Yes, I've read Bruce's feelings about hacker contest's before, and in principle, I agree it doesn't "prove" a sustained attack by a determined enemy with enough computing power and dollars (Rubles, Yen, Euros whatever) can be thwarted. If someone like a government entity was hacking away at a firewall, they sure aren't going to claim the prize; rather they now have the knowledge of how it was done, use it, and keep quiet about it. I have the utmost respect for what Bruce says. I'll agree "proven" is too strong a word. But it would give me more confidence that your average 133t h4x0r isn't going to run willy nilly through the firewall. They may find a way AROUND it, or socially engineer their way in, sure. Just not THROUGH it. Score one for Brent. Proven IS too strong. Steve Kruse J. Stephen Kruse, CISSP Chief Information Security Officer City of Lakeland, Florida http://www.lakelandgov.net mailto:[EMAIL PROTECTED] PGP Fingerprint: 20FF 54A6 AFA0 5492 8830 9687 3314 D77D DFC7 D848 > -----Original Message----- > From: Brent J. Nordquist [mailto:[EMAIL PROTECTED] > Sent: Tuesday, November 18, 2003 12:03 PM > To: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] Sidewinder G2 > > > On Tue, 18 Nov 2003, Kruse, Steve <[EMAIL PROTECTED]> > wrote: > > > Repeated "hacker challenges" by Secure Computing against > the Sidewinder > > have proven it hasn't been compromised. > > "Proven" is much too strong a word. See: > http://www.schneier.com/crypto-gram-9812.html#contests - -- Brent J. Nordquist <[EMAIL PROTECTED]> N0BJN Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html * Fast pipe * Always on * Get out of the way - Tim Bray http://tinyurl.com/7sti _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBP7pgEjMU133fx9hIEQKiSACguBmBadHYSjlV+ZYBmHi028viPLoAn1pd q7Pr2om9md5nHVEU3aVFmws+ =Murr -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
