Per the message sent by Tony Bartoletti:
> >Mr. Schwartau concludes that security experts must focus on the
> >capabilities rather than the motives of potential adversaries.
> An excellent point. Where the capabilities exist, SOMEONE will find a motive.
> Motive-based risk assessment is important at the margins, but cannot trump
> consideration of systemic vulnerability.
The problem with this approach is that capabilities without intent makes
for overprotected environments. I know that there are lots of folks
with amazing capabilities but if I try to protect my toy store against
Russians who might want to find out how many Tonka trucks I sell I will
go out of business.
> -- "Nature always sides with the hidden flaw"
Nature is pretty much probabilistic in nature - human attackers are not
as predictable.
FC
-- This communication is confidential to the parties it is intended to serve --
Fred Cohen - http://all.net/ - fc@all.net - fc@unhca.com - tel/fax: 925-454-0171
Fred Cohen & Associates - University of New Haven - Security Posture
------------------
http://all.net/
Yahoo! Groups Links
To visit your group on the web, go to:
http://groups.yahoo.com/group/iwar/
To unsubscribe from this group, send an email to:
iwar-unsubscribe@yahoogroups.com
Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
Received on Tue Dec 16 20:45:13 2003
This archive was generated by hypermail 2.1.8 : Wed Dec 17 2003 - 13:05:33 PST