[cap-talk] Team for Research in Ubiquitous Secure Technology
david.nospam.hopwood at blueyonder.co.uk
Sat Apr 16 21:11:37 EDT 2005
John Carlson wrote:
>> It's interesting for me to watch efforts like this, but it does start to
>> get discouraging after so many years of no progress being made
>> and things continuing to get worse as more players get mixed into
>> the "game".
> Perhaps there is a lack of an overall plan to implement POLA?
> We have to decide whether hacks to existing systems are acceptable,
> or whether new systems are necessary.
Hacks to existing systems will in my judgement not be sufficient to
build systems that resist competent, motivated attackers. It will always
be too easy for such attackers to do an end-run around the parts of the
system that have been strengthened.
Hacks to existing systems *may* be sufficient to raise the profile of
capability systems and thereby indirectly help in increasing the
adoption of real solutions.
David Hopwood <david.nospam.hopwood at blueyonder.co.uk>
More information about the cap-talk