« Tool: SQL Power Injector 1.2 | Main | Zero-day sales not "fair" -- to researchers »

Rant: Security 2.0 and Ethics 0.2 Beta

UPDATE: There is a thread on the slackers forum talking about this below if you want to join in on the conversation.

FX from Phenoelit has posted an interesting rant on the ethics and hype in the security industry.

"The Web 2.0 has all the potential for the next big wave of FUD in security. First of all, it's not done yet. We are seeing new players on the Web but the general direction of developments is sketchy at best. One of the more solid observations is that the Web 2.0 is a work of composition from known technologies at a higher abstraction level than before. Most components are not reinvented but rearranged and adjusted. This leads to some of the lesser-known components and especially patterns [6] to be considered new, revolutionary developments [4].

The new Web primarily teaches us lessons we should already know. Basics like the fact that perimeter security cannot work in networked environments, since they wouldn't be networked if it did - think mesh-ups. Basics like: defence in depth is one of the few paradigms that actually have a chance to work in the wild and keep complex systems alive. But we knew that before, didn't we?"

Article Link: http://www.phenoelit.net/lablog/rants/security2.0.sl
Forum Link:http://sla.ckers.org/forum/read.php?13,13871


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!