>
> If you'd installed a camera instead, they'd be in jail, and not out
> helping themselves to your neighbours' stuff.
Your arguments are as naive as the statement that we can have total
security. First of all, burglar alarms and cameras do not stop crime. The
house opposite mine was burgled and their alarm was going off for ages. I
think a lot of people were out so didn't realise what was going on. Anyway,
you can break into a house, steal the TV and Video and drive away before
anyone even notices (but I haven't tested this!).
As for cameras capturing criminals, it really doesn't happen. If I'd
installed a camera, they'd have either gone elsewhere (which is precisely
what happens with city centre cameras. The criminals move elsewhere) or
broken in with balaclavas on. So your argument against me is actually the
same argument that I'm using, ie one of deterrent rather than prevention. In
fact, ask any crime prevention officer, and all their suggestions are to
deter crime rather than prevent it (eg locking valuables in your car boot).
I still think publicising your server version is like writing the PIN number
to your burglar alarm on your front door. I've already shown that burglar
alarms are next to useless (how many times have you walked down a city
centre street past a false alarm), but do we really have to make it easier
to get in?
As for "Wanting hackers to move on to the next target is not the way the
Internet has got to where it is" is simply foolish logic. First of all, the
Internet was never designed to be a "public" system, so security is an
afterthough. That's why we are all using SSL in the first place! The
Internet has also failed to meet the criteria of "transcending it's own
unreliability". There have been numerous DOS attacks, and if a major router
goes down it takes ages to rearrange routing back where it was beforehand.
Most of us live in the real world, where crime offline is as real as crime
online. Some people imagine the Internet to be some fanciful utopia where
everyone loves each other very much (big hug). It isn't the case, and if
those people realised it they could get on with improving security in every
way possible. I admit this might inconvenience those who'd like to know what
versions of software everyone is running, but is that really so important
compared to being more secure?
-
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
