× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



How does this apply to the conversation?  More importantly, how does it
help?  It's a nice quote, but not particularly helpful.

Are you saying proprietary protocols are NOT more secure than published
protocols?  Or are you saying that there is a protocol that matches the
analogy Mr. Schneier uses?  If so, what is it, and how easy is it to
implement?  Rather than tell me what you DON'T like about my approach, tell
me what yours is.

Criticism without alternative, especially second-hand criticism, is
intellectually lazy, and I expect better from you, Leif.

Joe


> -----Original Message-----
> From: midrange-l-admin@midrange.com
> [mailto:midrange-l-admin@midrange.com]On Behalf Of Leif Svalgaard
> Sent: Wednesday, August 15, 2001 9:34 AM
> To: midrange-l@midrange.com
> Subject: Re: IIS to as/400 odbc
>
>
> From: Joe Pluta <joepluta@PlutaBrothers.com>
>
> > As the script kiddies get more sophisticated, Leif, I think you
> need both
> > strong network policy procedures and proprietary protocols
>
> To quote Bruce Schneier (Preface to Applied Cryptography):
>
> "If I take a letter, lock it in a safe, hide the safe somewhere
> in New York,
> then tell you to read the letter, that's not security. That's obscurity.
> On the other hand, if I take a letter and lock it in a safe, and then
> give you the safe along with the design specifications of the safe
> and a hundred identical safes with their combinations so that you
> and the world's best safecrackers can study the locking mechanism
> - and you still can't open the safe and read the letter - that's
> security."
>
> Just make sure that having a proprietary protocol (which has other
> problems such as finding people to maintain it after you are gone)
> does not become a convenient "pillow of complacency".



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.