Re: [Dailydave] Semi-anonymized moderation.

From: Jon Oberheide (jonoberheide.org)
Date: Mon Jan 28 2008 - 13:05:17 CST


> On 1/28/08, Kowsik <kowsikgmail.com> wrote:
> After 5+ years of stopping this, stopping that, writing anti-malware,
> anti-dos, anti-backdoors, anti-vulnerabilities, anti-scanners,
> anti-spoofing, anti-this and anti-that, it pretty much came down to
> "ENOUGH ALREADY!", for me.
>
> Being reactive just ain't fun. It gets pretty damn tiring after a
> while when for every rule the ID/PS has, there are like a million
> exceptions on the network. No, I'm not just talking about evasions and
> obfuscations. One small step for the attacker, one impossible jump for
> the rest - especially with the current approach.
>
> This is not a dig on specific products or how they work. They do what
> they are intended to do reasonably well. However, the problem they all
> set out to solve is inherently intractable.

As my colleague would say, it's a "security-complete" problem.

(No, there is no formal definition for a security-complete class of
problems. A problem just automagically becomes security-complete when
you reach that "ENOUGH ALREADY" stage and feel like smashing all
computing devices in a 10 block radius.)

Besides being a meaningless novelty term used to cop-out of hard
problems, we can at least make vague, swiss-cheese analogies and compare
it to a similar class of problems: NP-complete. We don't give up
NP-complete problems because they lack a polynomial-time solution;
instead, we develop practical algorithms that provide approximate
solutions. You can see where this is going...

Regards,
Jon Oberheide

--
Jon Oberheide <jonoberheide.org>
GnuPG Key: 1024D/F47C17FE
Fingerprint: B716 DA66 8173 6EDD 28F6 F184 5842 1C89 F47C 17FE

