Packet anonymity is the problem?

Steven M. Bellovin smb at research.att.com
Sun Apr 11 23:09:14 UTC 2004


In message <C7AA377F-8B92-11D8-8702-000A95CD987A at muada.com>, Iljitsch van Beijnum writes:
>
>
>>   Bellovin compared the situation to bank robberies. "[S]treets, highways
>>   and getaway cars don't cause bank robberies, nor will redesigning them
>>   solve the problem. The flaws are in the banks," he said. Similarly, most
>>   security problems are due to buggy code, and changing the network will
>>   not affect that.
>
>Ok, then explain to me how removing bugs from the code I run prevents 
>me from being the victim of denial of service attacks.
>
That's where my analogy breaks down -- but you're being victimized 
largely because of bugs in code other people run.  I stand by my 
statement: most of the security problems we have on the 
Internet are due to buggy code.  (If you want to stretch the analogy, 
imagine a bogus newspaper report that stimulates uncritical readers to 
withdraw their money.  It's called a run on the bank, and it's every 
bit as much a denial of service issue as excess packet floods -- bank 
runs are transaction rates much greater than what the (financial) 
system was designed to handle.  And when they're triggered by false 
rumors -- well, you get the picture, and my metaphors are stretched too 
thin as is.)


		--Steve Bellovin, http://www.research.att.com/~smb




