Some see infosec as an enforcement issue. Like a beat cop who will never catch all the theives
-
-
A tit-for-tat battle that can never be solved, but "we can make it harder for them".
1 reply 0 retweets 0 likes -
(This view also happens to be profitable since you can always charge for an enforcement service.)
1 reply 0 retweets 0 likes -
Others (myself included) see infosec as more of an engineering problem. A product quality issue
1 reply 0 retweets 2 likes -
While some aspects of infosec (social engineering) are not easily fixed with good engineering,
1 reply 0 retweets 1 like -
we have a long ways to take the engineering yet.
1 reply 0 retweets 1 like -
I think
@VessOnSecurity focuses only on the tit-for-tat problems (that do exist) and ignore the solvable ones.2 replies 0 retweets 1 like -
So is malware a tit for tat problem or a solvable one, today?
2 replies 0 retweets 0 likes -
Replying to @CarlGottlieb @ecbftw and
In general (theoretically) it's an unsolvable problem. Mathematically provable.
1 reply 0 retweets 2 likes -
Replying to @VessOnSecurity @CarlGottlieb and
Basically, the question "does an arbitrary program do X" is algorithmically unsovable.
3 replies 0 retweets 0 likes
But why let a little thing like that get in the way of selling your magic water?
-
-
Replying to @taviso @VessOnSecurity and
So your argument is that if something (such as AV) isn't perfect it is a net negative?
1 reply 0 retweets 0 likes -
Replying to @CarlGottlieb @taviso and
His argument is that since AV can't be perfect, it's useless. So, AV with vulns is harmful.
1 reply 1 retweet 1 like - 11 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.