[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IXP
On Sat, 18 Apr 2009 21:12:24 +0000
Paul Vixie <vixie at isc.org> wrote:
> > Date: Sat, 18 Apr 2009 13:17:11 -0400
> > From: "Steven M. Bellovin" <smb at cs.columbia.edu>
> >
> > On Sat, 18 Apr 2009 16:58:24 +0000
> > bmanning at vacation.karoshi.com wrote:
> >
> > > i make the claim that simple, clean design and execution
> > > is best. even the security goofs will agree.
> >
> > "Even"? *Especially* -- or they're not competent at doing security.
>
> wouldn't a security person also know about
>
> http://en.wikipedia.org/wiki/ARP_spoofing
>
I'm taking no position on the underlying argument; I'm simply stating
that simplicity is an essential element for security. I like a
philosophy I've seen attributed to Einstein: "everything should be as
simple as possible, and no simpler".
And yes, I know about ARP spoofing...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
- Follow-Ups:
- IXP
- From: fergdawgster at gmail.com (Paul Ferguson)
- References:
- IXP
- From: deepak at ai.net (Deepak Jain)
- IXP
- From: stuart at tech.org (Stephen Stuart)
- IXP
- From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)
- IXP
- From: vixie at isc.org (Paul Vixie)
- IXP
- From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)
- IXP
- From: smb at cs.columbia.edu (Steven M. Bellovin)
- IXP
- From: vixie at isc.org (Paul Vixie)
- Prev by Date:
IXP
- Next by Date:
IXP
- Previous by thread:
IXP
- Next by thread:
IXP
- Index(es):