Monday, April 16, 2012

NetworkWorld: Will we trade freedom for application security?

  • "Web applications abound in many larger companies, and remain a popular (54% of breaches) and successful (39% of records) attack vector."
  • Data loss is silent failure in part due to "digital physics." As security guru Dan Geer pointed out, "If I steal your data, then you still have them, unlike when I steal your underpants."
  • "Microsoft's dominance of desktop computer operating systems is a threat to national security."
  • "The present day drumbeat to put control policy into the network fabric itself is so blatantly stupid that it isn't even wrong. Those who propose making the network itself contain security policy are just another breed of Communists, this time with the effete subtlety that neither our Chief Executive nor our Congress has to nationalize critical infrastructure, they just have to deputize it, by force and in private."