nanog mailing list archives
RE: Even you can be hacked
From: Randy Bush <randy () psg com>
Date: Fri, 11 Jun 2004 14:18:28 -0700
the bottom line o if you want the internet to continue to innovate, then the end-to-end model is critical. it means that it takes only X colluding end-poits to deploy an new application which might be the next killer ap which drives your business. remember, email was not part of the original spec; http was not; jabber was not; ... this is in opposition to the telco model, where billions need to be spent uprading a smart middle to do anything new. and guess who gets the profits, if any considering what the deployment did to capex and opex. o this means that the network will also transport bad things; kinda like the phone network will carry obscene calls. damned shame, but that's the price you pay for liberty. or you can ask john poindexter (aka vigilante isps) to defend liberty for you and find all sorts of very unlovely and long term consequences. o this moves the burden for security to the edges, to the site boundaries, which may not care if their users can be early adopters of the next wannabe killer ap, and to the end-points, the hosts themselves. o but there are jillions of end-points; well yes, there are jillions of telephones too. and it's gonna be hell to clean up after the fact that they were designed without security, some have 80 jillion lines of code sitting on the laptops of naive users, blah blah. you want to support a free society, then the poupulace has to be educated. ain't no magic pixie dust here. they know how to recognize and maybe even report a 'breather' when they pick up the phone. we'll they gotta recognize a bad attachment when they get the email. and the software vendors have to clean up the jillions of lines of cr^h^hsoftware they have on the end users' desktops. and they are, half out of clue and half out of the smell of liability. but it will take a while. there ain't no free lunch. randy, who is clearly thinking of lunch, or maybe just out to lunch
Current thread:
- Re: Even you can be hacked, (continued)
- Re: Even you can be hacked Wayne E. Bouchard (Jun 10)
- Re: Even you can be hacked Adam Debus (Jun 10)
- Re: Even you can be hacked Randy Bush (Jun 10)
- Re: Even you can be hacked Wayne E. Bouchard (Jun 10)
- Re: Even you can be hacked James Reid (Jun 11)
- Re: Even you can be hacked Owen DeLong (Jun 11)
- Re: Even you can be hacked Stephen Sprunk (Jun 11)
- Re: Even you can be hacked Owen DeLong (Jun 11)
- RE: Even you can be hacked McBurnett, Jim (Jun 10)
- Re: Even you can be hacked dunger-nanog1087 (Jun 10)
- RE: Even you can be hacked David Schwartz (Jun 11)
- RE: Even you can be hacked Adi Linden (Jun 11)
- RE: Even you can be hacked Randy Bush (Jun 11)
- Re: Even you can be hacked Steven M. Bellovin (Jun 11)
- RE: Even you can be hacked Alex Bligh (Jun 11)
- RE: Even you can be hacked Henry Linneweh (Jun 11)
- RE: Even you can be hacked Randy Bush (Jun 11)
- RE: Even you can be hacked Adi Linden (Jun 11)
- RE: Even you can be hacked David Schwartz (Jun 11)
- Points on your Internet driver's license (was RE: Even you can be hacked) Sean Donelan (Jun 11)
- Re: Points on your Internet driver's license (was RE: Even you can be hacked) Randy Bush (Jun 11)
- Re: Points on your Internet driver's license (was RE: Even you can be hacked) Jonathan Nichols (Jun 11)
- Re: Points on your Internet driver's license (was RE: Even you can be hacked) Randy Bush (Jun 11)
- Re: Points on your Internet driver's license (was RE: Even you can be hacked) Jonathan Nichols (Jun 11)