Standardizing on Security

Standardizing on Security
Hal Flynn, 2004-01-14

The Linux standards group publishes 565 pages of data describing a standards-compliant Linux package. So why aren't any of them about security?

Expand all | Post comment

Standardizing on Security 2004-01-15
Anonymous

Would a standard enhance, or retard security? 2004-01-15
Anonymous

Standardizing on Security 2004-01-16
Anonymous

Bring in the zealots. 2004-01-16
Anonymous (1 replies)

Bring in the zealots. 2004-01-19
Anonymous

Fedora Core release 2 2004-01-16
Jared Robinson

Standardizing on Security 2004-01-16
Anonymous

Standardizing on Security 2004-01-17
Anonymous (1 replies)

Standardizing on Security 2004-01-19
Anonymous

Hal would be right... 2004-01-19
Anonymous

Standard Argument 2004-01-19
Anonymous

Standardizing on Security 2004-01-21
blacklight

Security is both a process and a product, where the product is unfinished because the process is still evolving with many branches pointing to as many tentative solutions. The desire for clearly spelled out answers is understandable, but are clearly spelled out answers that are not right desirable? Let's make sure we evolve a few "right" answers, before we even think of standardizing anything.

Anyway, I am not too happy with my comments because I am too vague, and I know it: the problem with vagueness is that we can go round and round the apple tree without being able to resolve anything. Aside from that, vagueness is simply not actionable.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/207/24444#24444

Standardizing on Security 2004-01-21
Anonymous