Firewall Wizards mailing list archives

Re: SCADA


From: Brian Loe <knobdy () gmail com>
Date: Wed, 15 Apr 2009 09:38:00 -0500

On Tue, Apr 14, 2009 at 5:49 PM, Marcus J. Ranum <mjr () ranum com> wrote:
Paul D. Robertson wrote:

The other side of the coin is that adding layers adds complexity and code-
and adding code adds bugs- so you don't *always* get a net security gain by
adding "protection."

You raise a problem that I've spent too much time pondering. In effect,
it refutes the "conventional wisdom" of computer security. Which goes
as follows:
Item #1 - Defense in depth is good
Item #2 - Complexity is the enemy of security

If #2 is true, #1 can't be, because defense in depth adds complexity.

Puzzled,
mjr.


Completely agree - but is it a yin/yang thing, where the two
complement each other and you need only find the balance? I tend to
believe it is, with an emphasis on keeping things as simple as
possible. Human nature is a risk - complexity is...an attack vector?
:)
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

