funsec mailing list archives
Re: Citizen cyber-protectors?
From: Kyle Creyts <kyle.creyts () gmail com>
Date: Thu, 19 Jul 2012 05:04:52 -0700
Well, of course it isn't. I feel that my message clearly highlights that, since I didn't suggest that it was a "so-called" 1%. I wonder what impact recent, well-known, media-covered events have done to augment the general population's interest in security? I know some will be quite quick to suggest that few things shift that quantity in any notable way, but that strikes me as the patent and premature dismissal of an interesting question by a jaded (perhaps "read:experienced?") individual. Some hard data and discussion would be interesting to me. On Jul 19, 2012 4:34 AM, "Drsolly" <drsollyp () drsolly com> wrote:
Funsec isn't a representative sample of people. On Thu, 19 Jul 2012, Kyle Creyts wrote:I am part of the 1%. On Jul 19, 2012 2:31 AM, "Drsolly" <drsollyp () drsolly com> wrote:If someone can't be bothered to write their thoughts down, and requiremeto spend 20 minutes to watch a video giving views that I could havereadin one minute, then I'm not going to devote my time to listen to them. Since I haven't heard what he has to say, I cannot comment on hisviews.Except to point out that 99% of people are as interested in computer security as they are in beetle collecting. And anything that depends on them being more interested than that, or better informed, is doomed. On Wed, 18 Jul 2012, Rob, grandpa of Ryan, Trevor, Devon & Hannahwrote:Marc Goodman (who I believe is https://twitter.com/FutureCrimes and http://www.futurecrimes.com/ ) gave a recent TED talk on trends intheuse ofhigh technology in crime:http://www.ted.com/talks/marc_goodman_a_vision_of_crimes_in_the_future.htmlThe 20 minute talk is frightening, with very little in the way ofcomfort for theprotection or security side. He ends with a call for crowdsourcingofprotection.Now as a transparent society/open source/full disclosure kind ofguy, Ilike thegeneral idea. But, as someone who has been involved in education,securityawareness, and professional security training for some time, I see afewproblems.For crowdsourcing to work, you need a critical mass of at leastminimally capablepeople. When you are talking about a weather reporting app, thatminimalcapability isn't much. When you are talking about detecting cyberwarorbioweapons, the capability levels are a bit different. Just yesterday the PNWER (Pacific NorthWest Economic Region http://www.pnwer.org/ ) conference became the latest to bemoan thelackoftrained employees. I rather suspect these constant complaints,since Isee lots ofpeople out of work. But the people who are whining about employeesarejustlooking for network admins and such. We need people with more depthandmorebreadth in their backgrounds. I get CISSP candidates in my seminarswhoarenetwork admins who simply want to know a few ACLS for firewalls. Ihavetokeep telling them that security professionals need to know more thanthat.Yes, I am privileged to be able to meet a number who *are*interested inlearningeverything possible in order to meet any need or problem. But,relativelyspeaking, those are few. And my sample set tends to be abnormal, inthat theseare people who have already shown some interest in training (even ifonly jobrelated). What Goodman is talking about is the general public. Andthose of uswho have actually tried security awareness know how little conceptualawarenesswe have to build on, let alone advanced technical knowledge. I think awareness, self-protection, and crowdsourcing is probably theonly goodway to approach the problems Goodman outlines. I just worry that wehave a longway to go. http://blogs.securiteam.com/index.php/archives/1793 ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc carslade () computercrime orgOn Friday, January 23rd, 2004, in a speech at the World Economic Forum in Davos, Switzerland, Bill Gates stated `Two years from now, spam will be solved.' victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list._______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Citizen cyber-protectors? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 18)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? michael.blanchard (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? michael.blanchard (Jul 19)
- Re: Citizen cyber-protectors? valdis . kletnieks (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)