[nycbug-talk] some more notes on Fifth HOPE

Bob Ippolito bob
Sat Jul 10 02:09:17 EDT 2004


On Jul 9, 2004, at 10:30 PM, G.Rosamond wrote:

> Security  Through Diversity
>
> Another great meeting. . .first part based only on genetics and the 
> role of diversity in species' survival.  Then connected to technology 
> and computing. . .whether on the application end, os, etc.  Had a 
> great list of bibliographies for his talk, but was unable to get them 
> down, and he wasn't too helpful in getting them to anyone.  Referenced 
> authors included Zhang on Hetero. . .I raised point about difficulty 
> about diversity in business sites, as there's been the complete 
> dismantling of open standards. . .so interoperability is hard. . .He 
> raised the point of reverse engineering, such as with SMB. . .excellent 
> point.  He mentioned that OpenSSH, Apache and more rely on 
> one library, another indication of the problems with diversity.  One 
> bibliography I did catch was Linger: "Systematic Generation of 
> Stochastic Diversity as an Intrusion Barrier in Survivable Systems 
> Software" 1999.  Pretty scary title for a paper, but excellent concept. 
> He also contrasted security through diversity versus security through 
> obscurity, an approach by many vendors.

Dude needs to do his research before he talks out of his ass.

GnuTLS has an OpenSSL compatibility shim that will probably compile (at 
least) Apache but maybe OpenSSH too.

OpenSSH and Apache may use OpenSSL in their implementation, but there 
are a few alternative implementations of SSH (lsh, conch, etc.) and 
LOTS of HTTPS implementations that do not.

-bob