In message <Pine.LNX.4.64.0601260832510.15682@netcore.fi>, Pekka Savola writes:
On Thu, 26 Jan 2006, Valdis.Kletnieks@vt.edu wrote:
In other words - what is the business case for deploying this proposed solution? I may be able to get things deployed at $WORK by arguing that it's The Right Thing To Do, but at most shops an ROI calculation needs to be attached to get movement....
Exactly. If $OTHER_FOLKS don't deploy it, cases like Panix may not really be avoided.
I think that's what folks proposing perfect -- but practically undeployable -- security solutions are missing.
That is, of course, why I asked the question -- I'm trying to understand the actual failure modes and feasible fixes. I agree that many of the solutions proposed thus far are hard to deploy; some colleagues and I are working on variants that we think are deployable. But we need data first. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb