Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] comparing information security to other industries

from [Valdis . Kletnieks] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] comparing information security to other industries
Date: Tue, 19 Dec 2006 16:17:38 -0500 
On Tue, 19 Dec 2006 12:16:29 PST, KT said:

So we have been dealing with information security from last 20 years and
still the world is at large lost. We still see banks vulnerable to
trivial XSS attacks and software broken by buffer overflows. How do we
compare to other industries like construction, engineering, finance?
What I am trying to figure out is how mature we are and how long will it
take for to get stable?


20 years after the first automobile, we'd gotten as far as a Model A or T
or so.

Learning the ins and outs of stone arches took a millenium.  And then when
steel became available, it took several decades to learn that.

Finance?  When was Adam Smith's "The Wealth of Nations", and how long did
THAT take to really get understood? (For bonus points, how many centuries
between the first use of abstract counters as money, and Smith's understanding
of it? Why did *that* take so long?)

Science?  Einstein had a great year in 1905.  How many people understood
it by 1925?

(Incidentally, the fact that we still have a lot of security issues isn't
actually a software problem, so much as an innate lack of tools to help
humans understand *any* complex system, be it software, or the economy,
or global climate, or....)

Attachment: pgpFILj5Ec1QL.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] comparing information security to other industries, KT
Next by Date:  Re: [Full-disclosure] [WEB SECURITY] comparing information security to other industries, Will Jefferies
Previous by Thread:  [Full-disclosure] comparing information security to other industries, KT
Next by Thread:  Re: [Full-disclosure] comparing information security to other industries, coderman
Indexes:  [Date] [Thread] [Top] [All Lists]