[OpenIndiana-discuss] 3737 days of uptime
Jim Klimov
jimklimov at cos.ru
Sun Apr 7 15:14:17 UTC 2013
On 2013-04-07 16:34, Andrew Gabriel wrote:
> OTOH, I have worked in environments where everything is going to be
> locked down for 6-10 years. You get as current and stable as you can for
> the final testing, and then that's it - absolutely nothing is allowed to
> change. As someone else already hinted earlier in the thread, the
> security design of such infrastructure assumes from the outset that the
> systems are riddled with security holes, and they need to be made secure
> in some other (external) way.
We've had projects where the axiom was "A network-connected system
is assumed compromised". It was even forbidden by law (maybe still
is) to connect govt IT processing systems to public networks, so
all kinds of the security gateway systems sprawled - in order to
allow data exchange without having a networked connection, we made
some too back in the day. Heck, for some deployments "they" discussed
as appropriate to print out the input on one "shore" of the no-net
gap and scan or type it in on the other. And this was even not some
secret military, just govt-management stuff ;)
//Jim Klimov
More information about the OpenIndiana-discuss
mailing list