[PLUG] Time server broken...
Felix Lee
felix.1 at canids.net
Mon Feb 16 17:59:02 UTC 2004
AthlonRob <AthlonRob at axpr.net>:
> Does this mean Windows was 100% reliable up until the first
> security flaw was discovered? I think not. I think the OS was
> insecure before, we just didn't realize it.
sorry, I was sloppy for the sake of simplicity. the word
"reliable" is too vague to be useful in this case, and you're
using a different meaning of the word than I intended.
what I meant was something like, "what's the probability that
someone can penetrate your security barrier right now?" it's
close to 0% if there are no exploits known by anyone. it's 100%
if someone does know an exploit. this doesn't sound like a very
useful statement, because it doesn't seem like some secretive
malicious agent would care about penetrating your security, but a
computer has value independent of it being _your_ computer, and
someone can want access to your computer without necessarily
knowing whose computer it is. the chances of that are not small,
because it's easy to automate attacks, because computers are a
type of universal machine.
perhaps a more useful statement is
the chance that a malicious agent has bypassed a network
security mechanism on your computer before anyone has
discovered any exploitable flaws in the mechanism is 0%.
the chance that a malicious agent has bypassed a network
security mechanism on your computer after someone has
discovered an exploitable flaw in the mechanism approaches
100% very quickly, because of automated attacks.
--
More information about the PLUG
mailing list