On Mon, 13 May 2002, SHEETS,JASON (Non-HP-Boise,ex1) wrote: > Yes even if you take some steps to protect your code it may still be > distributed, but it WILL be distributed if you don't. > > Think about security, as a sysadmin I can't just not apply security updates, > you apply every security update you can even though someone a determined > cracker can still get into your box you eliminate most of the script > kiddies. > > Just because you can circumvent something does not mean it is not worth > doing, there is a trade off, security and usability to make something > completely secure you make it completely unusable you need to find a middle > ground with your systems and your code. > > As far as banks being robbed, yes they may be robbed but we still lose less > money than if left the vault unlocked and just told people to help > themselves.
The situations are not analogous. Putting locks on a bank vault increases the amount of time it takes to get in, which increases the risk to the robber. This is a powerful disincentive, and leads robbers to choose other banks instead of yours. Also, after someone does manage to get through all your vault locks, the next person who wants to break into the bank still has to go through all the work again. Putting locks on software, on the other hand, doesn't increase any risk. It may increase the challenge, but for many crackers, this is the number one incentive anyway. And once one person has broken it, it's as good as broken everywhere. So the return for effort/expense is much lower. The time is better spent writing more software for more clients. Or finding better, more honest clients. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
