Create an Account
username: password:
 
  MemeStreams Logo

Interview with Marcus Ranum

search

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Interview with Marcus Ranum
Topic: Technology 10:42 am EDT, Jun 22, 2005

I don't think that the standards committees underestimate security threats; I just think they're too busy doing things that are more important to them -- like holding meetings and writing minutes

Awesome interview. The gist of it is:
-Security sucks because CTO's don't understand proper security, or fail to implement policies because of office politics

-The thumb is *up* the ass. Network security issues have largely been understood since the late 80s. We keep dicking around ever reinventing the encrypted tunnel instead of working on complex and interesting problems.

-IETF and other bodies are so packed with commerical stoogies that they are being ineffective.

-Security is a design, not an add-on. It must exist on all levels. Network security is pointless without host security. Security cannot exist only in layers 3 and 4. It must include the application!

-The popularity of Computers and the Internet is what's killing the industry. Too many uneducated people use it, so most companies are too busy selling them stuff to improving the quality/security of their products. (IE Microsoft's user friendly gui instead of controlled execution of code).

Interview with Marcus Ranum



 
 
Powered By Industrial Memetics
RSS2.0