IXP

• Previous message (by thread): IXP
• Next message (by thread): IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 18 Apr 2009 21:12:24 +0000
Paul Vixie <vixie at isc.org> wrote:

> > Date: Sat, 18 Apr 2009 13:17:11 -0400
> > From: "Steven M. Bellovin" <smb at cs.columbia.edu>
> > 
> > On Sat, 18 Apr 2009 16:58:24 +0000
> > bmanning at vacation.karoshi.com wrote:
> > 
> > > 	i make the claim that simple, clean design and execution
> > > is best. even the security goofs will agree.   
> >
> > "Even"?  *Especially* -- or they're not competent at doing security.
> 
> wouldn't a security person also know about
> 
> 	http://en.wikipedia.org/wiki/ARP_spoofing
> 
I'm taking no position on the underlying argument; I'm simply stating
that simplicity is an essential element for security.  I like a
philosophy I've seen attributed to Einstein: "everything should be as
simple as possible, and no simpler".

And yes, I know about ARP spoofing...


		--Steve Bellovin, http://www.cs.columbia.edu/~smb

• Previous message (by thread): IXP
• Next message (by thread): IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]