tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: rshd...

On 15/07/2012, at 10:57 AM, Mouse wrote:
>> Possibly with a new category called "insecurity" so people know everything i$
> Why does everyone seem to think everything that's not suitable for the
> open Internet is not suitable anywhere?!

Because even when you aren't connected to the internet, you are still connected 
to the internet. You know those awful movies where they show people breaking in 
to computer systems with graphics of connections bouncing through half a dozen 
systems to get to their target? I've seen someone do that in real life, and it 
really does work that way, just with fewer CGI pictures of satellites. All you 
need to start the ball rolling is a funny cat picture.

The reason most of us don't get owned is because we don't have enough goodies 
to make it worth anyone's trouble. I'm pretty sure that's not a good security 
model. Just in case anyone's wondering, it's not a good security model because 
it assumes we know what other people want, and we only ever know that in 
general. Unfortunately, when someone attacks you, it's always a specific 
person, rather than the Internet in general that's doing it.


Home | Main Index | Thread Index | Old Index