Krebs on Security booted off Akamai network after DDoS attack proves pricey

Large Hadron Collider large.hadron.collider at
Sun Oct 9 19:50:49 UTC 2016

Sorry florian. Meant to put it to list.

On 2016-10-09 12:25 PM, Large Hadron Collider wrote:
> On 2016-10-09 04:20 AM, Florian Weimer wrote:
>> * Eliot Lear:
>>> Not my end goal.  My end goal is that consumers have a means to limit
>>> risk in their home environments, and service providers have a means to
>>> deliver that to them.
>> They already have, with today's technology.  It's just not a
>> mass-market business.  Consumers either have to educate themselves
>> (which is not that hard), and service providers need to provide actual
>> service, instead charging a fee for access to a computer system.
>> There is little interest in this, however.  There's a comparable
>> business case for providing managed PCs to consumers, and I'm not sure
>> if any such companies are still left.
> I'd wager that after the Indian tech support fucks, they've went like 
> "too risky"
> But yeah there's a good case. If I had it in me I'd hire a bunch of 
> people to manage consumers' managed PCs.
>>>> I'm not convinced that expected traffic profiles are the right answer.
>>>> We already have that in the server hosting market, and it does
>>>> constraint the types of services you can run on hosted servers (for
>>>> the hosting providers who does this).  I'm wary of the network putting
>>>> severe constraints on application architecture, way beyond what is
>>>> dictated by current technology.  NAT more or less killed servers on
>>>> consumer networks, and this kind of traffic profiling has begun to
>>>> kill clients on server networks.
>>> The whole point of MUD is to leave control in the hands of those who
>>> have developed and have to support Things.  It is not simply for the SP
>>> to decide what traffic is ok, or to charge more for it, but to respect
>>> the wishes of the developers.  That may be sufficient to stop a lot of
>>> bad things from happening to a lot of Things.
>> Nobody respects what developers want, otherwise we wouldn't have any
>> shipping products at all.
>> What I'm trying to say: Cutting corners is more often a
>> non-development decision.  If you can ship today without any security,
>> or at some unknowable date in the future, with additional security
>> features whose impact may not matter, things usually head for the
>> earlier shipping date.
>> I used to be frustrated by such decisions, but over the past few
>> years, I've come to realize that most of us have so little data on the
>> effectiveness of security features that mandates for them are
>> essentially arbitrary.
>>> And again, this is the wrong way to look at it.  The consumer should
>>> always get final say.  They're the customer.  This is a chance for the
>>> manufacturer of the device they're using to explain how the device is
>>> supposed to behave on the network.
>> If we want to make consumers to make informed decisions, they need to
>> learn how things work up to a certain level.  And then current
>> technology already works.
>> (Sorry that I'm not inclined to read upon the specs—I do wonder how
>> this an improvement over UPnP.)

More information about the NANOG mailing list