Educause Security Discussion mailing list archives

Re: New Internet for Security

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 17 Feb 2009 12:50:37 -0500

On Sun, 15 Feb 2009 09:46:57 EST, Theresa Rowe said:

"Bad enough that there is a growing belief among engineers and security
experts that Internet security and privacy have become so maddeningly
elusive that the only way to fix the problem is to start over."

Do you think it is really that bad?


It's that bad, but "a new internet" won't fix the *real* problems, which
are centered around endpoint security issues - web servers getting whacked,
laptops getting lost, Joe Sixpack machines getting zombied, the inability
to arrest, try, and convict miscreants, and similar issues.

Measured against that standard, the fact that BGP isn't all that secure
(particularly in the "what AS *should* be announcing this prefix?" area that
allows routing table prefix hijacking"), and that roughly a third of the
providers out there *still* can't get their brains wrapped around the
concept of ingress/egress filtering their edge-node customers, are minor issues.

Attachment: _bin
Description:

Current thread:

Re: New Internet for Security, (continued)
- Re: New Internet for Security Tracy Mitrano (Feb 15)
- Re: New Internet for Security David Shettler (Feb 15)
- Re: New Internet for Security Jeffrey I. Schiller (Feb 15)
- Re: New Internet for Security John Bambenek (Feb 15)
- Re: New Internet for Security Leo Song (Feb 15)
- Re: New Internet for Security Dennis Meharchand (Feb 15)
- Re: New Internet for Security Kevin Shalla (Feb 16)
- Re: New Internet for Security Hugh Burley (Feb 16)
- Re: New Internet for Security Keith Schoenefeld (Feb 16)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)
- Re: New Internet for Security Valdis Kletnieks (Feb 17)