Schneier: ISPs should bear security burden

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sun May 1 21:38:00 UTC 2005


On Sun, 01 May 2005 21:23:11 +0200, Brad Knowles said:
> At 1:07 PM -0400 2005-05-01, Valdis.Kletnieks at vt.edu wrote:
> 
> >  I don't think *anybody* seriously expects the bus company to deny passage 
to
> >  people who happen to be burglars using public transportation to get to the
ir
> >  next work site....
> 
> 	If they're wearing Balaclavas, full body armor, and carrying 
> AK-47s, along with large sacks slung over their shoulders (either 
> full or empty), then yes -- I would expect the bus driver to do 
> everything he could to try to avoid picking them up.

But you see - that's because *those* passengers likely pose a threat to the
people *on the bus*.  The fun starts when you start making passengers turn out
their pockets and you try to figure out if that guy dressed like a mechanic
heading home from work has a piece of bent metal in his pocket - is it an Allen
wrench or a lockpick (note that many SQL-injection attacks *are* that level of
subtlety - so it's not an outrageous comparison), and figure out what their
intentions are once the get off the bus...

(And remember - the TSA is trying to go that route.  They now ban lighters
because somebody tried to light a shoe bomb with matches.  Is that how
you want to run your network? ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050501/4312a342/attachment.sig>


More information about the NANOG mailing list