送交者: 吴礼 于 2005-6-24, 10:29:48:
回答: "我们不可能做出无漏洞的软件系统" -- Is this overstated? 由 AA 于 2005-6-24, 02:54:46:
The whole computer and network concepts were based on the assumption that the users or anyone in the community will not intentionally do anything harmful. The "security" was to prevent unintentional or accidental damages. The concept of “security” against malicious attacks is an afterthought to the IT systems. If we want a completely attack-proof system, we need to restart from scratch.
This is analogues to changing an office building to a prison. It’s a lot more than adding locks to the doors.
Come to think of it, the whole capitalist society is based on the assumption that not many people will cause damages that do not bring material benefit to them. That’s why security against terrorists is so difficult.