10 security technologies destined for the dustbin

Discussion in 'other security issues & news' started by ronjor, Aug 18, 2015.

  1. ronjor

    ronjor Global Moderator

    Jul 21, 2003
  2. Gullible Jones

    Gullible Jones Registered Member

    May 16, 2013
    In some cases he's optimistic IMO, in others sensationalist.

    Biometric auth: yes, and thank God.

    SSL: TLS is not much better. SSH with pubkey auth, on the other hand, is the only thing that works. HTTPS is not as trustworthy as people think.

    (Note - most SSH hackings I've heard of have been due to misuse of password authentication. And the stuff against OpenSSH is a disgusting example of FUD IMO. Properly used, it is far more trustworthy than HTTPS, and the daemon itself has AFAIK had less frequent holes than e.g. OpenSSL. Which, BTW, is a whole different piece of software.)

    Pubkey encryption: "when" -> more like "if." Quantum computing is nontrivial.

    (Repeat after me: The Singularity Will Not Happen.)

    IPSec: well yeah, except that HTTPS MITM proxies exist. With automatically trusted certs, even.

    Firewalls: TCP/IP stack vulnerabilities are not common, but have happened. Also it's handy to be able to drop stuff at a packet level. I don't think kernel based, packet filtering firewalls are going to vanish - they're useful to have in case of e.g. DoS attack.

    Antivirus: I wish, but don't underestimate the power of money. Also Grimes is waaay too optimistic about whitelisting.

    Antispam: hard to say. From what I've personally seen, spam filters are doing much better than they used to.

    Anti-DoS: firewalls, anyone? :) Also I don't believe that "Put them in prison!" is a legitimate solution. The punishment should suit the crime IMO.

    Event logs: I could make some interesting analogies here with what the NSA is doing. But yeah, IMO this is not doomed, it's a number crunching issue. I'm betting we develop better expert systems for dealing with such logs.

    Anonymity and privacy: the situation is grave, but I would not write it off as "doomed", if only because we shouldn't go down without a fight.

    ... All IMO, anyway.
  3. Rasheed187

    Rasheed187 Registered Member

    Jul 10, 2004
    The Netherlands
    I don't see AV's and firewalls going anywhere. Yes they are not perfect, but still too important. Especially outbound firewalls are very useful, almost all malware relies on outbound connections.