Linuxtrent: worrying................ after hope, certainty remains................worrying

  • From: Diaolin (Natali Giuliano) <diaolin@xxxxxxxxxxx>
  • To: linuxtrent <linuxtrent@xxxxxxxxxxxxxxxxx>
  • Date: Tue, 10 Apr 2001 18:00:25 +0200

Security expert: 'We are losing the battle'

By Scot Petersen, eWEEK
April 9, 2001 3:23 PM ET

SAN FRANCISCO -- Cryptographer Bruce Schneier today reiterated his managed 
security services gospel in a talk here on the opening day of the RSA 
Security Conference. But if his message is really being heard, there should 
be general panic among CIOs in corporate America. 

"The future of Internet security is not very good," Schneier said. "New 
methods are being invented, new tricks, and every year it gets worse. We are 
not breaking even. We are losing the battle." 

The reason not to panic, Schneier says, is that we have to accept the poor 
state of security and work to mitigate the risk of attacks rather than try to 
prevent attacks altogether -- an impossible task. 

Schneier, and his firm Counterpane Internet Security Inc., have come a long 
way since Schneier authored "Applied Cryptography" and created the Blowfish 
algorithm. Only a few years ago, crypto was the No. 1 defense against hackers 
or other unwanted visitors; but as the Internet has grown, cryptography has 
proven to be of little use against break-ins or other forms of attacks such 
as denial of service. 

And, Schneier said, things are not getting easier to defend. 

What can be done 

"Break-ins aren't even news anymore," Schneier said. "Now it's business as 
usual. Most break-ins don't make the press, and most companies don't know 
they have been attacked." 

Technology, Schneier said, is not the enemy of security. It's only a tool, 
one that hasn't been used very well -- or at all -- and that can only serve 
as a preventative measure. 

The answer, according to Schneier, is to combine frontline firewalls, 
intrusion detection systems -- as well as cryptography and public-key 
infrastructure where necessary -- with the watchful eye of a 24x7 monitoring 
team equipped to respond to the latest attacks. Static technology is too easy 
an obstacle for skilled hackers to overcome. 

"You have human beings attacking you," he said. "You need human beings 
providing the security."

-- 
Money is the perfect excuse for making people slaves to their
own desires.
                                Diaolin







