"The Natural Philosopher" wrote in message
...
David WE Roberts wrote:

"Bernard Peek" wrote in message
...
On 26/02/12 22:08, The Natural Philosopher wrote:
Bernard Peek wrote:
On 26/02/12 20:58, The Natural Philosopher wrote:

Well thats uyouir knowelege limits and I have mine.

I know.

Let's say that if anyone has broken in they have left no trace and
altered nothing. Or I would *know*. Which makes it 'not compromised'

Absence of evidence is not evidence of absence.


Hint: there is no such thing as an undetectable change.

I'd like to see evidence for that assertion.

Are you really stupid?

I'm a philosopher. I was hoping that you knew something that I didn't
and I could learn something. It seemed improbable given the ignorance
that you appeared to be displaying but hope springs eternal.


If a change makes no difference to anything, ipso facto, it is not a
change. All changes therefore must make a difference, and are therefore
detectable.

Yes, but as I pointed out in the post to which you replied absence of
evidence is not evidence of absence. You can know that you haven't
detected a change, but you can't know that there is no change. Absence
of a change is not detectable.


Why don't we ask Schrödinger's cat?
Damn - it's hiding in its box.

Best you can do is affirm that you have been unable to detect a
significant change in the items you are measuring and this meets your
requirements for assurance and security.


exactly, An undetectable change that results in no detectable activity by
anyone in the whole universe is not a security risk.

Come on, sense of balance ;-)
You are not everyone in the Universe.
There might be someone out there who knows a way to change a system which is
not detectable by the currently publicly available tools.
The likelihood of this, and also the added likelihood of this person
choosing to attack your system instead of any other, is part of your risk
assessment.

--
No plan survives contact with the enemy.
[Not even bunny]

Helmuth von Moltke the Elder

(\__/)
(='.'=)
(")_(")