Dailydave mailing list archives
Have Data will Travel/Make Policy Decisions
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 2 Dec 2015 09:56:13 -0500
So yesterday I was listening to this great talk from UC Berkley's Oppenheimer series [1] where he says a number of hilarious things. For example, he says "Obviously the question of what happened before the Big Bang (which created SpaceTime) makes no sense, since the equations don't allow time to go negative. It makes no sense at all to ask what happens at time -1, for example. But yet. People keep asking the question. <shrugs in a very Russian way>" and "A lot of the things we see around us beg hard questions such as 'Why isn't the universe spinning around an axis? Galaxies have an axis, our solar system has an axis, and I don't mean a group of countries, but why when we look at the universe do we see the same number of galaxies in every direction? Where is the axis?" In any case, I'm about to dial into the NTIA meeting today. And it's interesting to see the documentation provided this time around which has various questions in it about vulnerability density. They're not going to solve any problem in that area. Or even approach a "Statement of Principles" on it. Because nobody in that room has the data to make any valid decisions or models about it. They're doing astronomy without any telescopes. It's all hypothetical questions about the nature of the Universe. One of the lessons you get from science is of course: EVEN IF YOU HAVE THE DATA THE ANALYSIS IS SUPER HARD WORK. In summary: If you're making models, algorithms, or policy decisions on "0day", but you have NO DATA, then you're doing astrology, not astronomy. Astrology, as any girl's Tinder profile will tell you, can be good marketing. But it should be left out of governance. -dave [1]: This dude is incredibly funny like most Russians. https://www.youtube.com/watch?v=qlHvQLxb4cw [2]: https://www.ntia.doc.gov/other-publication/2015/multistakeholder-process-cybersecurity-vulnerabilities
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Have Data will Travel/Make Policy Decisions Dave Aitel (Dec 02)