| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by MadsRC 1567 days ago
	I love this! Using a 2000+ year cipher to circumvent Deep Packet Inspection seems almost poetic. I feel like the article missed out on mentioning one key thing: Using a deny-list doesn’t work. It’s much more viable to default block and allow the stuff you know you’ll allow. Defaulting to allow and blocking stuff you don’t want is how you end up being owned by rot13.

1 comments

pdkl95 1567 days ago

http://www.ranum.com/security/computer_security/editorials/d...

"The Six Dumbest Ideas in Computer Security"

> #1) Default Permit

> #2) Enumerating Badness

link

MiddleMan5 1567 days ago

Reading point #4 on a site called "Hacker News" seems rather ironic.

I wonder how you might encourage deeper introspection into software infrastructure security vulnerabilities, both from closed source companies and from obscure open source projects, without "spreading breadcrumbs for the roaches"

link

c0balt 1567 days ago

Thank you for sharing the post. It made my day so far, I actually want to re-read it and take notes.

link