Re: Information Security?

Peter C. McCluskey (pcm@rahul.net)
Sat, 28 Nov 1998 09:04:04 -0800

harv@gate.net (Harvey Newstrom) writes:
>Speaking of hacking... Is anyone else on this list working or
>interested in working in the field of Information Security? I would be
>interested to discuss this topic.

Anyone interested in secure OS's (as opposed to the security flaws of popular systems) should look at capability based systems such as EROS. See:

http://www.cis.upenn.edu/~eros/essays/capintro.html
http://www.cis.upenn.edu/~eros/eros.html
http://www.caplet.com/security/taxonomy/

I've only skimmed these ideas (and have limited interest in this subject), but they appear to eliminate most types of security holes (leaving mainly the problems such as poorly chosen passwords or people intentionally giving information to untrustworthy entities). I suspect this kind of approach to security will be needed before it is safe to upload.

-- 
------------------------------------------------------------------------
Peter McCluskey          | Critmail (http://crit.org/critmail.html):
http://www.rahul.net/pcm | Accept nothing less to archive your mailing list