gated communities - was Re: mitigating botnet

Edward Lewis Ed.Lewis at neustar.biz
Wed Aug 2 14:22:50 UTC 2006


At 6:29 AM +0000 8/2/06, Paul Vixie wrote:

>as was true of spam when i said this about spam ten years ago, it is true
>now of botnets that the only technical solution is "gated communities".  but
>the internet's culture, which merely mirrors the biases of those who use it,
>requires the ability for children to go door to door selling girl scout
>cookies, without necessarily having the key code to every one of the doors.

I agree with this in a number of dimensions.

One, look at mankind's physical security over the centuries.  Walled 
cities were once in vogue for defense.  (Sieges were a DOS attack.) 
Walled defenses evolved over time, yet there was always a need to 
have gates for commerce.  Eventually walls have become unimportant 
(mere tourist curiosities) as wealth has shifted from the physical to 
monetary realm (and then from gold bars to electronic accounts).

The goals of attacks, and the methods of attack shift.  Defensive 
strategies must, okay, ought to shift too.

Two, look at the DHS recommendation to secure the Internet via DNSSEC 
and enhancing BGP.  What amounts to an unfunded mandate to everyone 
to "protect themselves" hasn't given much impetus to everybody 
pitching in and making a safer Internet.  My recommendation would 
have been for the DHS to say to the (US Federal) government "the 
Internet's an unsafe place, protect yourself in dealing with 
contractors and bidders by requiring all transactions be done with 
suitable security."  Basically protect your own first, recommend 
safer actions for others, and allow those that want to be at risk to 
continue doing so.

What I mean here is that building a gated community is more likely to 
happen around the assets the government needs to protect than the 
government is going to get others to voluntarily spend more resources 
to defend against bogeymen that may or may not exist.  Money is more 
easily spent to answer a need you know than to follow a 
recommendation from someone you don't.

What is considered an acceptable level of safety is relative.  For 
those who get to ride in cars (taxis) around the world, how many 
times have you been in a cab that has done something illegal in your 
home country but is considered safe in another (because the action is 
'expected')?

Gated communities, walled gardens, same thing.  Both are counter to the 
philosophy which spawned the Internet.  But they may also be the 
only way to make the Internet a reliable tool for mankind and not 
just an academic exercise run amok.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                                +1-571-434-5468
NeuStar

Soccer/Futbol. IPv6.  Both have lots of 1's and 0's and have a hard time
catching on in North America.
