[AfrICANN-discuss] Security and Development

Dr Yassin Mshana ymshana2003 at gmail.com
Thu Oct 25 01:03:51 SAST 2012


Douglas,

I am in same line of though with you and others.

The issue here is on practical part of things - would you tell us what is
in you wallet in the open? I m talking about security at another level
which I do not belong to - that is beyond the lab environment. You read
what our friend from Nigeria was fearing about....

The principle of Not Trusting more than yourself holds out there... it is
in the lab, I am afraid to stick to that.

Would you disclose high level security weaknesses in the open? Like how
data is handled and managed by your power network or Central bank? In that
case consider yourself a security threat - I am afraid so, Let us keep
these discussions at laboratory level - may be that is why some
institutions were  attacked? people sharing such information in the
open...? I m glad I am just a beneficent and promoter of the use of
Internet everywhere and everything BUT Securely

Cheers

Yassin
On 24 October 2012 22:38, Douglas Onyango <ondouglas at gmail.com> wrote:

> Yassin,
>
> On Oct 25, 2012 12:59 AM, "Dr Yassin Mshana" <ymshana2003 at gmail.com>
> wrote:
> > I am glad to have learnt something today. It seems that the limitations
> >are a advantage  when it comes to security issues which can not be
> >discussed in the Open.
> > Security is Secret therefore one does not have to answer Questions in
> >the open (Oga Nii I am sorry there - no answers on security issues) the
> >fact is in the laboratory everything is open but when it comes to security
> >practice things are different!
>
> This is what is called the: security through obscurity principle. It is
> also frowned upon in security circles because it doesn't make you more
> secure but rather hides your vulnerabilities --- and you know you can't do
> that forever.
>
> Microsoft and Apple are some prime examples of people who worked by this
> principle with disappointing results at some point.....on the other had
> Linux/Unix is a success story of open security.....and today we all know
> where that has gotten them.
>
> I am more of the school of thought of open security; or security by
> design. I think security can & should be discussed openly --- afterall, our
> discussion centres around principles of security rather than IP addresses
> or anything that low level.
>
> Regards,
>
> _______________________________________________
> AfrICANN mailing list
> AfrICANN at afrinic.net
> https://lists.afrinic.net/mailman/listinfo.cgi/africann
>
>


-- 
*Independent Consultant*
c/o DFID-Sierra Leone
5 Off Spur Road, Wilberforce
Freetown,SIERRA LEONE
Skype: yassinmshana1, Mobile:+23276926697, Fax: (+232) 22235769
*Do You really NEED TO PRINT THIS?*
 * "The illiterates of the 21st century are not those who cannot read or*
* write** but those who cannot learn, relearn and unlearn" Alvin Toffler*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20121024/5fbb84b7/attachment.htm


More information about the AfrICANN mailing list