Stopping open proxies and open relays
Petri Helenius
pete at he.iki.fi
Sat Feb 7 18:27:11 UTC 2004
Valdis.Kletnieks at vt.edu wrote:
>I wouldn't recommend trying to expand it to "prohibit making and selling
>computers that are insecure", since no computer is 100% secure, and there's
>no objective "secure enough" standard - closest you will get there is
>probably Dell's offer to ship machines pre-hardened to Center for Internet
>Security guidelines.
>
>
>
>
It would help if systems would only execute code that is signed
properly. This would make malware traceable. However the current way of
getting your code signed is in many cases too costly for the casual open
source developer so people are used to running unsigned or selfsigned
application even when the facilities to check signatures would already
exist in the system. (though for example in Windows, signatures are only
checked at install, not runtime)
Pete
More information about the NANOG
mailing list