Re: Security != Reliability - need flexible responses.

From: Pavel Kankovsky (peakat_private)
Date: Sun May 27 2001 - 12:07:34 PDT

  • Next message: Jonathan Care: "RE: Best way of arranging admin of permissions?"

    On Wed, 16 May 2001, David Wheeler wrote:
    
    > > From: "mshines" <mshinesat_private>
    > > RELIABILITY would be one criteria for secure programming...  it
    > > would seem to me.
    > 
    > Well, your statement appears to be mostly tongue-in-cheek, but there's
    > actually a valid issue hiding here.  I don't agree with your statement.
    ...
    > Not all users require all of these requirements to the same degree.
    > Indeed, can trade between these.  For example, a system that tries to
    > detect "suspicious" situations, and prevents you from reading your
    > data in such cases, may be very unreliable... but have great
    > confidentiality. Whether or not that's okay depends on how the system
    > is being used, but in some contexts this would be a _more_ secure
    > system.
    
    Yes, a more ``secure'' system might be a less ``reliable'' system as a
    whole. But any system can be only as secure as reliable _its_components_
    _implementing_security_functions_ are.
    
    --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
    "Resistance is futile. Open your source code and prepare for assimilation."
    



    This archive was generated by hypermail 2b30 : Tue May 29 2001 - 10:40:38 PDT