6. Trustworthy Beginnings

We’ve often heard the phrase “don’t shoot the messenger.” But if you can’t trust the messenger, can you trust the message? Our crypto-savvy readers will all shout “Yes!” But like any tool, cryptography can only be part of the solution; it can’t be all of it. Cryptography can tell us whether the results of a system check differ from the last test, or they can hide the results from prying eyes. However, cryptography isn’t going to tell us whether our systems are secure in the first place. I’ve been asked whether I think virtual private networks (VPNs) are the answer. The reasoning goes something like “if I only allow authorized individuals to connect securely to my systems, how can I be harmed?” I tell the person asking ...

Get Endpoint Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.