Posted by Jerry Stuckle on 10/22/07 02:04

Puckdropper wrote:
> Jerry Stuckle <jstucklex@attglobal.net> wrote in news:46GdnfUzY-
> HIeYbanZ2dnUVZ_rWtnZ2d@comcast.com:
>
> *snip*
>
>> To be able to prevent something, you must have 100% security. And that
>> means, in computer systems anyway, 100% perfect code, absolutely no
>> access to the sensitive code, either via communications link, physical
>> access to the server or any other way. There must also be no copies
>> (i.e. backups) of the sensitive files at all. And even then you're
>> likely to have potential gaps in the system.
>>
>> But how many systems do you know fit this?
>>
>
> Prevention is NOT about stopping EVERYTHING. It's about stopping SOME
> THINGs. You are correct that absolute prevention requires 100% effective
> security, but we're merely talking about stopping some attacks.
>
> Security, at its simplist, is about allowing access to those who need
> access and preventing access to those who do not need access.
>
> Puckdropper

Ah, but it is. If you prevent something, you have stopped it. Period.
Stopping "some" break-ins is not prevention.

What you are talking is deterrence.

And security is about deterring what you can - and minimizing the damage
for those you can't.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]