On Sat, 18 Apr 2009 21:12:24 +0000 Paul Vixie <vixie@isc.org> wrote:
Date: Sat, 18 Apr 2009 13:17:11 -0400 From: "Steven M. Bellovin" <smb@cs.columbia.edu>
On Sat, 18 Apr 2009 16:58:24 +0000 bmanning@vacation.karoshi.com wrote:
i make the claim that simple, clean design and execution is best. even the security goofs will agree.
"Even"? *Especially* -- or they're not competent at doing security.
wouldn't a security person also know about
I'm taking no position on the underlying argument; I'm simply stating that simplicity is an essential element for security. I like a philosophy I've seen attributed to Einstein: "everything should be as simple as possible, and no simpler". And yes, I know about ARP spoofing... --Steve Bellovin, http://www.cs.columbia.edu/~smb