Re: NYT article on the (ever-more-sophitsticated) bot wars

[David Farber <dave () farber net>]

I concur with Spaf djf


Begin forwarded message:

From: Gene Spafford <spaf () cerias purdue edu>
Date: December 9, 2008 12:26:14 PM EST
To: dave () farber net
Cc: ip <ip () v2 listbox com>, thvv-post () multicians org
Subject: Re: [IP] Re:   NYT article on the (ever-more-sophitsticated)  
bot wars

It's not surprising how those of us who have really been working in  
cybersec for more than a few years (and not working for one of the  
major vendors) all say the same thing -- you can't add on security  
after-the-fact.   It is not possible to add anything to the existing  
infrastructure and really get good security.


It's unfortunate that (for "political" reasons) every report on the  
topic that bubbles up to high levels suggests that if only we  
coordinate enough and invest enough, we can patch the current steaming  
pile in some way.

No report points out that the people responsible have been told that  
this can't work but they continue with business as usual.  No one  
reports that we continue to throw good money after bad by buying and  
deploying the same gunk that got us in this mess.

And if there is a high-level commission put together to examine the  
issue, the leadership is chosen from the leading vendors of the stuff  
that is broken, or who authorize(d) the purchase of that broken stuff.


Thus, it isn't surprising that those of us who work in cybersec and  
really know the details (and this excludes almost all "hackers") are  
also known as major cynics.




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com