Hi Richard.
I think we are on the same side here, but none the less:
> If the authors don't pay attention to security issues then it is
> inevitable that the final product is *inherently* insecure.
Then we disagree on what "inherent" means. Moving on...
> You don't get a secure product by having 10,000 monkeys
> bashing away at a keyboard then just before release turn off all the
network services
> and macros.
Nor did I say this. I just said that MS could go a very long way towards
a more secure product by taking some simple steps. Obviously there are a
lot of other things they could and should do, but those three things
would be a start.
> If your product is secure you don't need to worry about
> packet filtering.
You were talking about compartmentalising things - how can an
application know whether an inbound packet is spoofed? And if it could,
why build that sort of smarts into a thousand applications with a
thousand authors? And why build policy on an application by application
basis? And force everyone who installs a program to understand and
inplement that policy separately? Far better to put that policy where it
belongs - on the network interface (or *slightly* upstream from the
network interface, as with a firewall).
Regards, K.
This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:04 EST