[LINK] What's a reasonable level of code-checking?

[Rick Welykochy]

--- David Lochrin <dlochrin at d2.net.au> wrote:

>    The problem with a "locked-down purpose-built network box for connecting consumers to the big
> wide info-autobahn" is that we'd need a range of boxes configured for each consumer's profile of
> applications.  This customer wants to run VoIP, that one wants to run some combination of games,
> and another wants an IPsec tunnel to their employer.  A network-box which allowed everything
> would not be very secure.

Is that a problem, really? Identify the top 10 protocols and usages, amke them
"The Requirement" and support nothing else. Supposedly, the chosen protocols and
usages will cover the 95% of "mom and dad and kids" users out there. Forget about
the rest. Leave them "as they were."

>    This all illustrates the basic problem - users must have application flexibility, but
> supporting this flexibility requires a great deal of technical skill.  It's just not possible to
> have our cake and eat it too.

Requirement: no flexibility allowed.


>    Exactly, but the user's responsibility may lie with having their computer & network
> professionally configured.  And what level of professional liability insurance does that require
> of the expert?

Requirement: fixed network configuration allowed. Nothing else.

Requirement: expert not required for installation. Plug and go. That is all.

Goal: meet these requirements, and nothing more. Lock down the "net device"
100%, test and retest. Release. Done.

cheers
rickw




		
____________________________________________________ 
On Yahoo!7 
Coming soon: Celebrity Survivor - 11 celebrities, 25 days, unlimited drama 
http://au.yahoo.com/celebrity-survivor/