Dailydave mailing list archives
Ah, oo, uh, ie.
From: "Williams, James K" <James.Williams () ca com>
Date: Fri, 31 Mar 2006 11:22:40 -0500
I'm sure your tongue is somewhat in your cheek so I hope I'm not being
too
pedantic, but saying "who cares" about shutting down malicious sites
is a
bit like saying "who cares about arresting petty criminals with
handguns
when you can be killed by snipers with fancy rifles." It's true that shutting down these malicious sites doesn't fix the vulnerability or make targeted attacks any less likely, but it does
reduce
the overall probability that joe user will be donating his DSL line to
a
botnet for the foreseeable future. Solving 50% of the problem isn't as good as solving 100% of the
problem, but
it's a lot better than solving 0%.. When dealing with the messy real
world,
you can't let the perfect be the enemy of the good. -Bryan
So true. The concept is much easier to understand if you have a) been the network admin for a 1,000+ user network, b) worked in a large scale software development env w/ shareholders and lots of Fortune 500 customers to answer to, or c) worked in the IT dept at a large public university. I'm willing to bet that most of the people who flame MS on Bugtraq and FD have not done a, b, or c. Regards, Ken Williams
Current thread:
- Ah, oo, uh, ie. Dave Aitel (Mar 30)
- Re: Ah, oo, uh, ie. Bryan Burns (Mar 30)
- Re: Ah, oo, uh, ie. H D Moore (Mar 31)
- <Possible follow-ups>
- Ah, oo, uh, ie. Williams, James K (Mar 31)