[Dshield] Crypto Question
John Hardin
jhardin at impsec.org
Fri Mar 6 16:28:36 GMT 2009
On Thu, 5 Mar 2009, Valdis.Kletnieks at vt.edu wrote:
> On Thu, 05 Mar 2009 10:19:52 PST, David Brodbeck said:
>
>> To me this seems like basic "defense in depth." Engineers would call
>> it redundancy.
>
> Which is why your programs all implement two separate 'sort' routines,
> invoke them both, and compare the results, just in case one screws up,
> right?
Sigh.
> Oh, you don't need to do that, because you trust the first sort routine,
> and if it was buggy you'd just replace it, because carrying around 2 and
> doing it twice is just a pain in the ass for no real gain? Hmm. Gotcha.
>
> Redundancy is all well and good when you're combining multiple ways of
> doing it, each of which has a given failure rate but is presumed to
> usually still work. It works great if you have 2 engines each which
> work 99% of the time. It does *NOT* work if one engine has a 'FAILED
> INSPECTION - DO NOT USE' sticker on it - at that point, you have *only*
> the second engine.
Yes, but you're not dead in the water while you fix or replace the failed
engine. How is that a failure of the redundancy model?
Valdis, I can't seem to make you see the point, I'm going to stop trying.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Failure to plan ahead on someone else's part does not constitute
an emergency on my part. -- David W. Barts in a.s.r
-----------------------------------------------------------------------
2 days until Daylight Saving Time begins in U.S. - Spring Forward
More information about the Dshield
mailing list