Firewalls: RE: Checkpoint -

Firewalls
(October 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: Checkpoint -
From:	rabbi @ www . valuu . net (Rabbi Haim Cassorla)
Date:	Wed, 16 Oct 1996 15:00:40 -0400
To:	"'Todd Graham Lewis'" <lists @ reflections . mindspring . com>
Cc:	"firewalls @ GreatCircle . COM" <firewalls @ GreatCircle . COM>

Yes, but!

The truth of the matter is that while most users ----- end or middle ---  want source code and expandability of chassis and room for all of the goodies you want to sell them. When it gets down to the nitty gritty, most, (99.999% or more), don't ever look at the source code and don't ever expand their systems. 

Sure, when you need it, it is indispensable, but I doubt the day to day value. If the code is out there and Saddam gets it is he less or more likely to mess with it than if it wasn't out there and he got it? Are you arguing against encryption? I have a right to keep my trade secrets.

A friend of mine once designed a major advance in heavy equipment transmission control. Did he patent it? Not on your life. He encapsulated it in plastic, so that if you opened it you would destroy it.

I believe that we are all working toward the "appliance" model. Plug it in ---- it works. If it breaks, call the repairperson.

Shalom Beracha VeTova
Rabbi Haim Cassorla

----------
From: 	Todd Graham Lewis[SMTP:lists @
 reflections .
 mindspring .
 com]
Sent: 	Wednesday, October 16, 1996 10:11 AM
To: 	Rabbi Haim Cassorla
Cc: 	'Rick Romkey'; firewalls @
 GreatCircle .
 COM; michael @
 memra .
 com
Subject: 	RE: Checkpoint -

On Wed, 16 Oct 1996, Rabbi Haim Cassorla wrote:

> Thank you Rick! 
> 

> I was wondering where all these top line security people got the time to
> tinker with source code. I barely have the time to do what I am supposed
> to do here and keep up with the general drift of the list. 
>
> As far as I am concerned I would rather NOT have source code
> available for the products I buy. It gives me an extra two hours against
> the hackers. 

No, it renders you powerless against the hackers when they find the bugs 
before you do.

What if sendmail had been developed under this model?  When the debug-mode
bug was used by the Internet worm, patches were maid available and the
problem was solved.  What if it were developed in secret?  What if the bug
had not been discovered and fixed?  What would Sadaam Hussein have spent
to get the source code to sendmail and unleashed a worm during the war in
'91? 

This sort of naive faith in faceless corporate monoliths to do all of the 
hard work for us and "guarantee" security in their products is the sort 
of thing that I love to see.

>From our competitors.

__
Todd Graham Lewis             Linux!                 Core Engineering
Mindspring Enterprises  tlewis @
 mindspring .
 com   (800) 719 4664, x2804

Follow-Ups:

RE: Checkpoint -
From: "W.C. Epperson" <epperson @ vak12ed . edu>

Indexed By Date	Previous:	LARGE SALES OPPORTUNITY FOR VENDORS From: Frank Willoughby <frankw @ in . net>
Indexed By Date	Next:	Re: Firewall Configuration From: lists @ lina . inka . de (Bernd Eckenfels)
Indexed By Thread	Previous:	Re: Checkpoint - From: Andy Howard <achowar @ erenj . com>
Indexed By Thread	Next:	RE: Checkpoint - From: "W.C. Epperson" <epperson @ vak12ed . edu>