#9
3rd April 2012
jggimi
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,983

Quote:
Originally Posted by daemonfowl
...Am I wrong to think that an ultra-secure server can be an ultra-secure workstation, optimized for client services... does the word workstation exclude anything that I asked about?
You have missed my point. Let me rephrase it, as clearly as possible. Please note, BSD has nothing to do with this pair of statements. This is applicable for any OS, now or in the future:

  1. When you run a networked application on The Most Secure Workstation In The World (tm), no matter what it is, no matter who invented it... the workstation cannot possibly protect information transmitted on an untrusted network that is sent or received without encryption.
  2. When you run a networked application on The Most Secure Workstation In The World (tm), no matter what it is, no matter who invented it... the workstation cannot possibly protect unencrypted or decrypted information stored on computers beyond your control, or forwarded by those computers to other systems, or retransmitted or replicated on other networks. What they do with your information is beyond your control. If you have a contractual agreement with those who control that server, that agreement may describe what they are permitted to do with your information.
------
When you run a networked application, it is your responsibility to determine the capabilities of the application, and its limitations, and then its applicability to your needs. In some instances, there may be features of secure networking technologies that might permit you to use an otherwise insecure application in a secure manner. Before you can make that determination, you must understand the application.
Quote:
The story goes: I advocated OpenBSD to a friend of mine who knows nothing much about computer science & engineering... but he was informed that OpenBSD proudly carries the "Security first" motto... so how can I materialize this to him?
You cannot teach something that you yourself do not yet understand.

------

I will once more repeat what I wrote above in an earlier post, and expand a bit. This is not specific to networked applications, but it is apropos:

IT Security is not a product. IT Security is not a program. You cannot install Security. Security is a continual PROCESS, which involves the active participation of the OS administrator, the network architect, and the user.