[Info-vax] [OT] Zero trust software, was: Re: Rethinking DECNET ?

[Bill Gunshannon]

In article <lu76ii$mlj$1 at news.albasani.net>,
	Jan-Erik Soderholm <jan-erik.soderholm at telia.com> writes:
> Bill Gunshannon wrote 2014-09-03 14:38:
> 
>> All of this come down to trust.
> 
> Of course.
> 
>> And my opinion has always been why would anyone trust a
>> third party over themselves?
> 
> Are you also doing all locksmith work at home?

Pretty much.  For what has to be done in a private residence.

> And produce your own keys for your home?
> Or do you actualy buy your locks ready-made
> including keys made by some "third party"?

Of course, and I realize that other people are buying locksets
with the same keys.  I don't trust the locks on my house any
more than I trust VeriSign.

But then, they don't know what number locks I have and all of
mine are the same so I have cut down on the available duplicates
locally at least a little.  But then, one foot trumps your
average house lock anyway, so why be paranoid over something
like that?

And, no, I don't trust people not to break in.  But my dog may
come as a real surprise, especially now that I know the significance
of her prominent sagital crest.

A better equivalent for me is people who pay companies like ADT.
Why on earth would you trust them?  The system itself is flawed
because they don't have an armed police force ready to respond
to an alarm so who is going to actually protect your house?

And you really have no guarantee they won't single your house
out for someone to rob and just ignore the alarm when it happens.

Once again, it is all about trust.  And risk management.  You have
to evaluate the risk and decide if the proposed solution mitigates
it enough to be of value.

bill

-- 
Bill Gunshannon          |  de-moc-ra-cy (di mok' ra see) n.  Three wolves
billg999 at cs.scranton.edu |  and a sheep voting on what's for dinner.
University of Scranton   |
Scranton, Pennsylvania   |         #include <std.disclaimer.h>