Security Portal: Security Techniques and SurvivabilityAug 23, 2000, 20:59 (0 Talkback[s])
(Other stories by Kurt Seifried)
" I've seen a lot of discussion recently of various computer security techniques. It seems everyone has their own favorite solution, which they feel is the correct one, and all other solutions are of course flawed and inferior. But the truth is even simpler: all security techniques are flawed."
"No matter how well something is planned and implemented, there will still be some exploitable problem. Does this mean that a flawed security technique should not be used at all? Consider this: locks on doors (Yale locks, even a good dead bolt) can easily be defeated by a determined attacker. They will simply take a crowbar, and using brute force, rip the door off its hinges and force their way in. The same applies to cars. I don't care how sophisticated your car door's lock is -- I can just smash the window in with a brick...."
"When it comes to network and system security, there are a number of techniques in popular use to secure against intrusion. The first and simplest is to remove all unneeded services, and restrict access to any remaining services where possible. This is similar to building a high-security facility with no windows on the ground floor, and only one main entrance. This, of course, does nothing to directly increase security at the remaining access points; however, you can concentrate your finite resources on less likely problems, resulting in better coverage."