On Thu, Aug 09, 2007 at 05:16:43PM +0200, Hans-Juergen Schoenig wrote:
> we are shipping appliances - users can only use SQL; no compilers and
> no SSH logins allowed ...
If you have shipped a physical thing to someone else, then they can
do what they want with it irrespective of what "rules" you think you
have imposed. If you believe otherwise, then you are deluding
yourself about the security of your approach. It was this sort of
magical thinking that caused SIM cards, WEP keys, DVD copy
protection, and other such "guaranteed safe" technologies to be
revealed as encumbered with needless weight that may foil casual
users, but that are trivially broken by anyone actually interested in
doing the breaking.
A
--
Andrew Sullivan | ajs@crankycanuck.ca
In the future this spectacle of the middle classes shocking the avant-
garde will probably become the textbook definition of Postmodernism. --Brad Holland