Firewall Wizards mailing list archives

RE: Ok, so now we have a firewall, we're safe, right?


From: Chris Blask <chris () blask org>
Date: Mon, 30 May 2005 23:30:05 -0400

Hey Ben!

At 04:20 PM 5/30/2005, Ben Nagy wrote:
.d.

I wrote the below in an awful hurry, but it amplifies Paul's point. The
threats we're looking at today aren't really anything like they were when we
all got into this business. Sure, the _vectors_ are the same, and the
patented MJR/Fred/Paul methodology will still help you out against the huge
bulk of them. The point is that there is less and less margin for error.

Anyway, small, self-indulgent rant follows.

.d. well-voiced rant

Anyway, nothing above is really original. To me it all seems obvious, but
whenever I talk about this stuff to the 'general public' they are all
shocked, so maybe some subscribers will find it interesting.

What you wrote is a very cognizant view of our situation, of appropriate length and catchy content for the brighter than average chimps - er, laypersons - to read and feel comfortable that they had seen through a reliable window into what would otherwise be to them a dark and mysterious world. It is a good bit of writing on an interesting topic that is as close to most people's worlds as black FBI helicopters.

That's the point we all lose after the first few years of really understanding this stuff - No-one Else Does.

Nobody, nada, not a soul.

The Queen of the Ants would certainly count up the finite number of us who do and call it "zero". We're talking about 6,000,000,000 people here, and there ain't more than a football-stadium-full of folks among them that have Clue #1 about infosec. We aren't even the High School Chess Club - we're the person in about 1-in-100 schools who is so quirkily bright we make the chess club members uncomfortable. A stray bullet is more likely to hit a six-foot albino in Zimbabwe than an infosec expert in Michigan.

Just because you all understand all or some of this stuff, try not to forget that the person next to you on the bus still hasn't spent five minutes talking to anyone with a clue yet, and statistically never will.

This means a couple important things:

o When you get a chance to address them, try to give them something specific they can use - some meme that they can run in their heads and improve in some way their posture. When you give them a good meme, they'll share it with their friends and it could propagate to the general betterment. Otherwise, it's all just background noise they heard some Wednesday.

o We can't win this battle by delivering the level of education we expect of each other to six times ten to the ninth people. We need to identify the appropriate amount and content of knowledge to deliver to a variety of demographics, and build an Internet that securely supports what they can be taught.

o End-user security is optimized in direct proportion to our ability to make it simple.


There's every reason to think we can do all this stuff. The project is underway and everything's generally running well so far, inasmuch as barely-manageable chaos can. Users have been taught enough to respond to direction, and from time to time we give them good direction.

Eating whales may seem to take forever, but sooner or later you're down to flukes and limp parsley.

-cheers!

-chris


Chris Blask
chris () blask org
http://blaskworks.blogspot.com
