How many different responses did we see to the recent recursion cve? How does code diversity fix protocol vulns?
Matt > On Dec 13, 2014, at 1:44 PM, Roland Dobbins <rdobb...@arbor.net> wrote: > > >> On 14 Dec 2014, at 4:36, Rubens Kuhl wrote: >> >> What I'm curios about is how we measure code diversity among those 3 >> platforms; would using any 2 of the 3 be diverse enough for long-term >> survivability, or are they too similar in architecture ? > > While it sounds good on phosphor, the concept of code diversity is so > abstract, compared to the significant operational challenges and associated > security challenges of operating separate systems performing the same > functions (sort of), but differently, that any potential benefit is generally > outweighed by the negative impact to security posture of said challenges. > > ----------------------------------- > Roland Dobbins <rdobb...@arbor.net> > ____________________________________________ _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
