Even you can be hacked
Henry Linneweh
hrlinneweh at sbcglobal.net
Fri Jun 11 23:21:42 UTC 2004
I can agree with that and Randy pointed out when these
idea's were created and writen, security was not part
of the overall plan because there were trusted parties
on either end of the spectrum.
I think that my intent was noble and I am glad I
started a controversy, because this is an issue that
needs to be addressed as we move forward with internet
development and secure application development.
Working for a telecomm/datacomm company gives me some
insight into the problem, I am looking into it deeper
from a hardware perspective, of designing a solution
that goes on a board among other system's issues...
Yeah I brainstorm too, and also being an end user
client I think about the end result of no solution and
people overwhelemed with issues that lead to no
solution to people so overwhelmed they think
legislating law can fix broken code.
It does help when the architects give me insight to
the issue and how immense it is and what to look at
when I am determining the end result of any of my
efforts.
-henry
--- Alex Bligh <alex at alex.org.uk> wrote:
>
>
>
> --On 11 June 2004 14:18 -0700 Randy Bush
> <randy at psg.com> wrote:
>
> > the bottom line
> >
> > o if you want the internet to continue to
> innovate, then
> > the end-to-end model is critical. it means
> that it
>
> If there is a lesson here, seems to me it's that
> those innovative protocols
> should be designed such that it is relatively easy
> to prevent or at least
> discourage "bad traffic". Because that's in the long
> run easier (read
> cheaper for those of you of a free market bent) than
> educating users in an
> ever changing environment. It would be a bit rich to
> criticize SMTP
> (for instance) as misdesigned for not bearing this
> in mind given
> the difficulty of anticipating its success at the
> time, but there is a
> lesson here for other protocols. I can think of one
> rather obvious one
> which would seem to allow delivery of junk in many
> similar ways to SMTP;
> hadn't thought of this before but we should be
> learning from our
> mistakes^Wprevious valuable experience.
>
> Alex
More information about the NANOG
mailing list