Security, 1994-2004: Then And Now

Security, 1994-2004: Then And Now
Daniel Hanson, 2004-10-20

Comparing the state of security in 1994 versus 2004, has anything really changed over the course of ten long years?

Security, 1994-2004: Then And Now 2004-10-20
tbird@precision-guesswork.com (1 replies)

And what those all have in common... 2004-10-25
Roger

Bad passwords: there have been solutions to the "bad password" problem since at least the early '80s. But hardly anyone uses them because they're a bit inconvenient and there's no drive to implement.

Unpatched apps: admins just don't get enough time and priority for managing security, too many "bottom line" things to keep up with.

Insecure ports: it's really inconvenient to block off all those ports, and takes a lot of time and detail work to make all our stuff work through the firewall if we're too strict.

Bottom line: in 1994, most security problems were caused by management not buying into security until after they'd been screwed. In 2004, ditto.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/272/28838#28838

Security, 1994-2004: Then And Now 2004-10-21
elmurado

Security, 1994-2004: Then And Now 2004-10-21
CR

Security, 1994-2004: Then And Now 2004-10-21
Saphire

Security, 1994-2004: Then And Now 2004-10-24
David Prinzing

Security, 1994-2004: Then And Now 2004-10-25
Tisca774

Security, 1994-2004: Then And Now 2004-10-25
Anonymous#1

Security, 1994-2004: Then And Now 2004-10-25
Mene Tekel

Security, 1994-2004: Then And Now 2004-10-27
Anonymous