Firewall Wizards mailing list archives
Targeting (was Castles and Security)
From: "Stephen P. Berry" <spb () meshuggeneh net>
Date: Mon, 08 Jan 2001 12:34:34 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marcus J. Ranum writes:
I keep coming back to this issue of improving targeting and it seems like lots of people don't "get it" - I'm worried that I'm not communicating effectively, or something. Am I being obscure?
The concept is clear. I also think it's bunk---you're not improving your targetting, you're redefining your target. This may or may not be a good thing, but that it constitutes an improvement is by no means an obvious or necessary conclusion. Consider a population of n entities, p(n). Let's imagine some Bad Thing c that some of these entities do, and call the number of entites that do it p(c). To help segregate p(c) from the rest of p(n), we define some other Bad Thing d (which is easier to detect or prove than c is), and then start segregating p(d) from p(n). The reason why we'd do this is presumably that we expect that if we start segregating p(d) from the rest of p(n), we'll pick up a significant portion of p(c) in the process. Even if we know that p(c) is a subset of p(d), it's not clear that this is a good strategy if: -We're only allowed a limited number of `picks' from p(d)---i.e., we don't expect to be able to grab all of p(d) -We're getting a random sampling of p(d)---that is, we don't have a scheme for selecting members of p(d) out of p(n) such that our chances of getting a member of p(c) in the process are better than P{p(c)/p(d)} In fact, the only time when going after p(d) when you really want p(c) looks like a winning proposition is when p(c)/p(d) is reasonably close to 1. What consistutes `reasonably close' will depend on the number of `picks' you get (presumably governed in practise by things like the acceptable number of prisoners/executions/deportations or whatever), the actual size of p(c) relative to p(d), and what the payoff for eliminating members of p(c) is[0]. Although I'm sure many readers get nervous (or just bail) when a problem is described this way---most of us are interested in the practise rather than the theory---but I'm making a conscious effort to avoid arguing by analogy or anecdote. That being said, I can't think of many examples from the historical record where this sort[1] of `improved tageting' has worked...and I can think of many where it has not. - -Steve - ----- 0 And does the payoff vary linearly with number of eliminated members of p(c), and does the cost of eliminating additional members of p(c) also vary linearly. 1 That is, for social rather than political or military ends. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.3 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6WiQpG3kIaxeRZl8RAqrHAKCYYMFivEzwG9cQRSPjfCtcUy6smACgr+ZL m+0e+mbGPIsB0TUdkzzt7mU= =PNgw -----END PGP SIGNATURE----- _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Castles and Security (fwd), (continued)
- Re: Castles and Security (fwd) John McDermott (Jan 03)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security (fwd) M.Schubert (Jan 04)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security Title Randy Grimshaw (Jan 04)
- RE: Castles and Security (fwd) daN. (Jan 03)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 04)
- Re: Castles and Security (fwd) Neil Buckley (Jan 05)
- Re: Castles and Security (fwd) Adam Shostack (Jan 08)
- Targeting (was Castles and Security) Stephen P. Berry (Jan 08)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- Re: Castles and Security (fwd) George Capehart (Jan 05)
- Re: Castles and Security (fwd) Ryan Russell (Jan 08)
- Re: Castles and Security (fwd) George Capehart (Jan 08)