E' uscito crypto-gram di ottobre. Ci sono alcune cose interessanti: cominciamo con la mossa della Microsoft di mostrare al governo cinese il sorgente di Windows: non una grande idea, sembrerebbe:
China is getting a copy of the Windows source code. I've already written about the security risks of open-source versus proprietary software. One of the problems with open source is that the bad guys get to look at the code. One of the good things about open source is that the good guys get to look at the code, too. If I were the Chinese government, I'd turn that code upside down looking for vulnerabilities, and then not tell anyone about them. This seems like a huge security risk to me, even though Microsoft might consider it a smart business move.
Poi, come i geek reagiscono alla minaccia di una bomba:
I found this in Tim Bray's weblog: "In the speakers' room at Seybold, there were plenty of Cat5 drops but a shortage of DHCP leases. When they announced the bomb threat, Lauren saw people unplugging and leaving, brightened up and said 'Oh good, I can grab my e-mail' and plugged in. Is that great or what, and I ask: why would a geek ever marry a non-geek?"
This is a great story: someone taking advantage of the Internet services made temporarily available because of a bomb threat. And honestly, this would probably have been my reaction as well. Bombings are much less common than bomb threats, and staying in a threatened building is only slightly less dangerous than leaving. But getting your e-mail -- now that's important.
Security is always a trade-off.
Poi, come si usano ancora stratagemmi presi da "il giorno dello sciacallo", i rischi della monocultura Microsoft e altro ancora. Ma evito di ricopiare tutto qui, è meglio se ve lo andate a leggere dov'è, no?
10:55:15 PM
|