Security is an end-to-end problem. As I have said before, but not here, some folks like to talk about Strength in Depth, whereas what we have is really Weakness in Depth. There are vulnerabilities everywhere. Gary is indeed quite correct, even on April Fool's Day. If the underlying computer infrastructures are not secure AND reliable, anything you build on top of them is suspect. Don't forget denials of service, which are particularly nasty and most often ignored.
- [SC-L] Change of position Gary McGraw
- Re: [SC-L] Change of position Dana Epp
- Re: [SC-L] Change of position ljknews
- RE: [SC-L] Change of position Gary McGraw
- RE: [SC-L] Change of position Dave Paris
- Peter G. Neumann
