Robert Allen (firstname.lastname@example.org)
Mon, 06 Apr 87 11:09:55 -0800
>> ..... we must
>> entrust our systems and data to a open-ended set of youthful
>> hackers (the current term is "gurus") who have mastered the
>> arcane knowledge.
Only because these 'youthful hackers' are the only ones
willing (or having the time) to look for the problems
>> Knowledge is power, and it properly belongs in the hands of
>> system administrators and system programmers. It should NOT be
>> the exclusive province of "gurus" who have a vested interest in
>> keeping such details secret.
I agree that system administators should have the know-how
to protect their systems. However I have not seen the
concerted effort of gurus to keep security problems
secret from the administors. Rather I have seen administrators
keeping such holes secret from the users, and then complaining
when the users discover and use them.
>> -- Mark --
>> PS: Crispin's definition of a "somewhat secure operating system":
>> A "somewhat secure operating system" is one that, given an
>> intelligent system management that does not commit a blunder that
>> compromises security, would withstand an attack by one of its
>> architects for at least an hour.
...except for the case where one has physical access to
Disclaimer: I am not a guru, and I don't advocate breakins, but if a
feature is there (such as telnet port 25), and is used,
I think that the administrators should share responsibility
with the user for any problems that result.
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:38:06 GMT