10 security technologies destined for the dustbin

Discussion in 'other security issues & news' started by ronjor, Aug 18, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,763
    Location:
    Texas
    http://www.networkworld.com/article...ty-technologies-destined-for-the-dustbin.html
     
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    In some cases he's optimistic IMO, in others sensationalist.

    Biometric auth: yes, and thank God.

    SSL: TLS is not much better. SSH with pubkey auth, on the other hand, is the only thing that works. HTTPS is not as trustworthy as people think.

    (Note - most SSH hackings I've heard of have been due to misuse of password authentication. And the stuff against OpenSSH is a disgusting example of FUD IMO. Properly used, it is far more trustworthy than HTTPS, and the daemon itself has AFAIK had less frequent holes than e.g. OpenSSL. Which, BTW, is a whole different piece of software.)

    Pubkey encryption: "when" -> more like "if." Quantum computing is nontrivial.

    (Repeat after me: The Singularity Will Not Happen.)

    IPSec: well yeah, except that HTTPS MITM proxies exist. With automatically trusted certs, even.

    Firewalls: TCP/IP stack vulnerabilities are not common, but have happened. Also it's handy to be able to drop stuff at a packet level. I don't think kernel based, packet filtering firewalls are going to vanish - they're useful to have in case of e.g. DoS attack.

    Antivirus: I wish, but don't underestimate the power of money. Also Grimes is waaay too optimistic about whitelisting.

    Antispam: hard to say. From what I've personally seen, spam filters are doing much better than they used to.

    Anti-DoS: firewalls, anyone? :) Also I don't believe that "Put them in prison!" is a legitimate solution. The punishment should suit the crime IMO.

    Event logs: I could make some interesting analogies here with what the NSA is doing. But yeah, IMO this is not doomed, it's a number crunching issue. I'm betting we develop better expert systems for dealing with such logs.

    Anonymity and privacy: the situation is grave, but I would not write it off as "doomed", if only because we shouldn't go down without a fight.

    ... All IMO, anyway.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I don't see AV's and firewalls going anywhere. Yes they are not perfect, but still too important. Especially outbound firewalls are very useful, almost all malware relies on outbound connections.
     
Loading...