IXP
Steven M. Bellovin
smb at cs.columbia.edu
Sun Apr 19 00:11:14 UTC 2009
On Sat, 18 Apr 2009 21:12:24 +0000
Paul Vixie <vixie at isc.org> wrote:
> > Date: Sat, 18 Apr 2009 13:17:11 -0400
> > From: "Steven M. Bellovin" <smb at cs.columbia.edu>
> >
> > On Sat, 18 Apr 2009 16:58:24 +0000
> > bmanning at vacation.karoshi.com wrote:
> >
> > > i make the claim that simple, clean design and execution
> > > is best. even the security goofs will agree.
> >
> > "Even"? *Especially* -- or they're not competent at doing security.
>
> wouldn't a security person also know about
>
> http://en.wikipedia.org/wiki/ARP_spoofing
>
I'm taking no position on the underlying argument; I'm simply stating
that simplicity is an essential element for security. I like a
philosophy I've seen attributed to Einstein: "everything should be as
simple as possible, and no simpler".
And yes, I know about ARP spoofing...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list