[Klug-general] Linux to offer a paradigm-shift in computer security

Karl Buckland karl at digital-end.com
Wed Nov 28 10:14:40 GMT 2007


Stephen Ryan wrote:
> thanks to all for the constructive advice and for some small pokes in 
> the eye.
>  
> I believe the answer lies in developing a new perspective on security 
> and not following the same line as everybody else. When you can't win 
> the game, you invent a new game. You change the rules. I believe that 
> today's approach to security is ultimately futile. The game is futile.
> What is required is a radical rethink. Such a rethink can only come 
> from those involved in "security intelligence (R&D)" vs. where we are 
> 99% of our time "implementing yesterday's futile security measures".
>  
> I believe that Linux is the basis for supporting this change and that 
> KLUG can be the first to develop it.
>  
> cheers and all the best,
>  
> Stephen Ryan
> www.intrench.com <http://www.intrench.com/>
> www.brandspy.org <http://www.brandspy.org/>

With all due respect, this sounds a little silly to me. Which part of 
the current methods of securing systems would you propose are 
re-thought? The current methods of discovering holes and patching and 
using preventative means to prevent security issues appear to work 
relatively well. There will always be holes and any new method must take 
that into account. As has already been proposed, you can't invent a 
perfectly secure system. You can make a system that is more or less 
secure than another, in certain areas, but for most people it comes down 
to managing cost. The cost of losing data vs. securing it/restoring from 
backups, having your system be brought down by hackers vs. simply not 
doing any business. You could make an almost completely secure computer 
system if you threw enough money at it, but most of that money would be 
wasted because you won't see the same increase in security compared to 
the increase in money - the increases in security will plateau. You 
simply wouldn't see the returns you need for the money. Plus as someone 
has already pointed out, supposedly 'secure' systems usually attract 
more attention.

But anyway, it's all very good saying that a new perspective on security 
is needed - what would that change be? If anyone had any good ideas on 
that front then we might already be reaping the benefits...

Karl B