[Opensim-users] Banning "bad" viewers was Re: Can this be done?
John Ward
jward at uci.edu
Tue Jan 12 15:46:17 UTC 2010
Karen Palen wrote:
> --- On Tue, 1/12/10, Imago <imagorabbit at gmail.com> wrote: ...
>> But in my opinion even fragile filtering is better then none at all.
>> Because while some could get in the population en masse wouldn't be able
>> to.
>
> This statement and the responses to it illustrate the reason I changed the
> subject line to a generic one. Sadly you are not the only person who thinks
> this way and it is totally false!
No it's not totally false. You condemn it by way of a false analogy.
> I hasten to add that this tirade is not specifically directed at you, but
> at the general notion that you express here. You propose a very bad idea
> which is far too highly respected by the naive and inexperienced.
>
> This approach is far worse than "security by obscurity", rather it is
> merely "feelgood security". By analogy it is like installing dummy fire
> extinguishers rather than ones which work because "at least" the dummy ones
> make everyone feel more secure. I suggest you ask your local fire
> department about the wisdom of dummy fire extinguishers!
In your analogy the "fragile filtering" is the equivalent of a dummy fire
extinguisher. Unlike dummy fire extinguishers which don't put out any fires,
fragile filters, at least the one asked for, would actually block based on how
a client identifies itself. It does more then provide good feelings. The
situation is more analogous to equipping with too few fire extinguishers
rather then fake ones. I suggest you ask your local fire department if you
would be better off with one fire extinguisher, a fake one, or none!
It's always a danger that a security technique gets assumed to or, worse,
claimed to do more then it actually does.
John.
More information about the Opensim-users
mailing list