[nycbug-talk] fave BSD tips/tricks?

Miles Nordin carton at Ivy.NET
Wed Aug 26 02:10:34 EDT 2009


>>>>> "il" == Isaac Levy <isaac at diversaform.com> writes:
>>>>> "cs" == Charles Sprickman <spork at bway.net> writes:

    il> Lively.  You both have strong points-

which points were strong?  or by strong did you mean strong opinions,
in that neither one of us was the slightest bit swayed by the other,
and has if anything less respect for the other than when he began?

    il> To do or not to do ends up a discussion of threat models,

Yeah, but you're acting like a discussion of threat models never took
place, and it did.

I said something like ``kernel code, setuid binaries, and listening
daemons matter because they are exposed to attackers.  For ordinary
userspace programs, programs you don't run are no less secure than
programs that aren't installed, because the attacker can just upload
whatever code he needs.  Not installing a compiler inconveniences you
more than the attacker, and `inconvenience the attacker' should not be
the goal of your security anyway.''  There's no whiteboard involved in
the ``threat modeling'' I did, but pointing out ``these classes of
threats are equivalent'' sounds like a model to me.

Jerry said something like, ``yeah well every little bit you can
hypothetically slow down a particular specific kind of attacker is
Good so I see no need to change my rituals.''  His model is to
basically leave clutter all over the place, slowing down attackers and
legitimate users alike.  just slow down everything.  It's so obviously
dumb.

Shall we ``model'' it further?  Most attacks are automated, so unless
you're the lucky FIRST GUY on which the attack's designed, it won't
matter how much you do or don't slow down his development because the
attack will already be scripted and replicated by the time you face
it.  It's unlikely you'll even slow down the first victim, because the
attacker will almost certainly build his own machine to attack first,
because when you are trying to develop the exploit you keep getting it
wrong over and over which crashes the victim daemon, so you have to
restart the daemon, and if you practice on a real victim he'll get
wise.

seriously, minified systems are end-to-end dumb.

    il> computing objectives, and constraints- which decide these
    il> points in a given context quite easily.

whaaaaaaa?  how many contexts have you got in mind?  can you even
think of two examples that obviously sway one to my view and one to
Jerry's?  Where the relevant difference is in the ``objective''?  upon
which we'd both plausibly agree?

    il> I see no fundamental 'right' in either side of the points
    il> argued, Miles keeps his compiler, and Jerry deletes his.

I just hate these ``can't we all just get along'' posts.  What for?
It's obvious this guy and I are not going to agree, and the only thing
you do with these feelgood prozac posts is encourage everyone to
forget everything they read because it's all ``relative'' or
something.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20090826/f62e6dbc/attachment.bin>


More information about the talk mailing list