Andrew Plato wrote: > > However, if one grants that some combination of cameras and guards and > > biometrics and login tokens and passwords can combine to demonstrate > > that user U really is user U, then there _are_ systems without security > > flaws to be found, no matter what level of pounding you can afford. I > > believe the CTOS/STOP operating system (a unix-alike) has had extensive > > enough design and audit of code used that it is, for all practical > > purposes, proven to be secure. > > I firmly believe there are secure systems that - when placed in a > secure state, > managed in a secure manner, and monitored in a proactive fashion, are > for all > practical purposes - impenetrable. But, the cost of such an > arrangement can be > simply too much for many organizations. Hence - comprimises must be made > leading to "more secure" arrangements but not "impenetrable solutions. > I agree with the above: there are provably secure systems, completely free of vulnerabilities. But the limitations imposed by them are impractical for most purposes. The dispute is because Andrew previously claimed that ALL systems contain vulnerabilites if you poke at them hard enough, and that just is not true. Where I suspect we agree is that the cost of improving security rises exponentially as you try to approach perfectly secure. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Fri Sep 06 2002 - 18:35:24 PDT