gated communities - was Re: mitigating botnet

Edward Lewis Ed.Lewis at neustar.biz
Wed Aug 2 15:44:20 UTC 2006


It was pointed out to me that I'm even less of a historian than a 
lawyer...walls became unimportant (security-wise) when warfare 
changed.  But still, what's being defended has also changed.

At 10:22 AM -0400 8/2/06, Edward Lewis wrote:
>At 6:29 AM +0000 8/2/06, Paul Vixie wrote:
>
>>as was true of spam when i said this about spam ten years ago, it is true
>>now of botnets that the only technical solution is "gated communities".  but
>>the internet's culture, which merely mirrors the biases of those who use it,
>>requires the ability for children to go door to door selling girl scout
>>cookies, without necessarily having the key code to every one of the doors.
>
>I agree with this in a number of dimensions.
>
>One, look at mankind's physical security over the centuries.  Walled 
>cities were once in vogue for defense.  (Sieges were a DOS attack.) 
>Walled defenses evolved over time, yet there was always a need to 
>have gates for commerce.  Eventually walls have become unimportant 
>(mere tourist curiosities) as wealth has shifted from the physical 
>to monetary realm (and then from gold bars to electronic accounts).
>
>The goals of attacks, and the methods of attack shift.  Defensive 
>strategies must, okay, ought to shift too.
>
>Two, look at the DHS recommendation to secure the Internet via 
>DNSSEC and enhancing BGP.  What amounts to an unfunded mandate to 
>everyone to "protect themselves" hasn't given much impetus to 
>everybody pitching in and making a safer Internet.  My 
>recommendation would have been for the DHS to say to the (US 
>Federal) government "the Internet's an unsafe place, protect 
>yourself in dealing with contractors and bidders by requiring all 
>transactions be done with suitable security."  Basically protect 
>your own first, recommend safer actions for others, and allow those 
>that want to be at risk to continue doing so.
>
>What I mean here is that building a gated community is more likely 
>to happen around the assets the government needs to protect than the 
>government is going to get others to voluntarily spend more 
>resources to defend against bogeymen that may or may not exist. 
>Money is more easily spent to answer a need you know than to follow 
>a recommendation from someone you don't.
>
>What is considered an acceptable level of safety is relative.  For 
>those who get to ride in cars (taxis) around the world, how many 
>times have you been in a cab that has done something illegal in your 
>home country but is considered safe in another (because the action 
>is 'expected')?
>
>Gated communities, walled gardens, same thing.  Both are counter to 
>the philosophy which spawned the Internet.  But they may also be 
>the only way to make the Internet a reliable tool for mankind and 
>not just an academic exercise run amok.
>
>--
>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>Edward Lewis                                                +1-571-434-5468
>NeuStar
>
>Soccer/Futbol. IPv6.  Both have lots of 1's and 0's and have a hard time
>catching on in North America.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                                +1-571-434-5468
NeuStar

Soccer/Futbol. IPv6.  Both have lots of 1's and 0's and have a hard time
catching on in North America.


