On Monday 22 June 2009 17:35:57 Jörn Nettingsmeier wrote:
 your rtkit cannot protect against anything, you can just play policy
 catch-up with evildoers forever. that's about the same level of security
 that outgoing firewalls in windows provide - you depend on process names
 and whatnot, and if i rename "Internet Explorer.exe" to "Windows
 Update.exe", i'm free to do as i please (not quite, but you get the idea).
 this is *not security*. this is theater.  
Maybe that's where the confusion comes from!
In today's media and everyday life security is so often confused with theater,
and theater is so often used to make things seem secure, that we don't know
the difference anymore!
Ever been in an airport lately?
Only the bad actors get caught.
(which reminds me of that question on a certain well-known country's
immigration form, which asks whether or not I am planning to blow something
up, while I'm there. Like, I would answer yes if I did?).
 proper security sometimes includes the wisdom that certain threats cannot
 be met without throwing out the child with the bathwater. some daemon
 fiddling with rt privs at runtime in my book qualifies as drowning the
 child first, then throwing it out. maybe eating it afterwards, but i'm
 not sure.
sincerely,
Marije