Firewall Wizards mailing list archives

Targeting (was Castles and Security)


From: "Stephen P. Berry" <spb () meshuggeneh net>
Date: Mon, 08 Jan 2001 12:34:34 -0800



Marcus J. Ranum writes:

> I keep coming back to this issue of improving targeting and it seems like
> lots of people don't "get it" - I'm worried that I'm not communicating
> effectively, or something. Am I being obscure?

The concept is clear.  I also think it's bunk---you're not improving
your targeting, you're redefining your target.  This may or may not be
a good thing, but that it constitutes an improvement is by no means
an obvious or necessary conclusion.

Consider a population of n entities, p(n).  Let's imagine some Bad Thing c
that some of these entities do, and call the number of entities that
do it p(c).  To help segregate p(c) from the rest of p(n), we define some
other Bad Thing d (which is easier to detect or prove than c is),
and then start segregating p(d) from p(n).

The reason why we'd do this is presumably that we expect that if
we start segregating p(d) from the rest of p(n), we'll pick up
a significant portion of p(c) in the process.  Even if we know
that p(c) is a subset of p(d), it's not clear that this is a good
strategy if:

        -We're only allowed a limited number of `picks' from p(d)---i.e.,
         we don't expect to be able to grab all of p(d)
        -We're getting a random sampling of p(d)---that is, we don't
         have a scheme for selecting members of p(d) out of p(n)
         such that our chances of getting a member of p(c) in the
         process are better than P{p(c)/p(d)}

In fact, the only time when going after p(d) when you really want p(c)
looks like a winning proposition is when p(c)/p(d) is reasonably
close to 1.  What constitutes `reasonably close' will depend on
the number of `picks' you get (presumably governed in practice by
things like the acceptable number of prisoners/executions/deportations
or whatever), the actual size of p(c) relative to p(d), and what
the payoff for eliminating members of p(c) is[0].

I'm sure many readers get nervous (or just bail) when a
problem is described this way---most of us are interested in the
practice rather than the theory---but I'm making a conscious effort
to avoid arguing by analogy or anecdote.  That being said, I
can't think of many examples from the historical record where this
sort[1] of `improved targeting' has worked...and I can think of
many where it has not.






-Steve

-----
0     And does the payoff vary linearly with number of eliminated
      members of p(c), and does the cost of eliminating additional
      members of p(c) also vary linearly?
1     That is, for social rather than political or military ends.

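The sampling argument in the message above, worked through as an added example that is not part of the original post. It assumes p(c) is a subset of p(d), that picks are drawn at random from p(d) without replacement, and that payoff and cost are linear (the assumption footnote 0 questions); all names and numbers are constructed for illustration.

```python
from math import comb


def hit_distribution(d_size, c_size, picks):
    """Exact P(h members of p(c) among `picks` random draws from p(d)).

    Assumes p(c) is a subset of p(d); this is the hypergeometric distribution.
    """
    if not 0 <= c_size <= d_size or not 0 <= picks <= d_size:
        raise ValueError("need 0 <= c_size <= d_size and 0 <= picks <= d_size")
    total = comb(d_size, picks)
    lowest = max(0, picks - (d_size - c_size))   # forced hits once non-c runs out
    highest = min(c_size, picks)
    return {h: comb(c_size, h) * comb(d_size - c_size, picks - h) / total
            for h in range(lowest, highest + 1)}


def evaluate(d_size, c_size, picks, payoff_per_hit, cost_per_miss):
    """Summarise a random-pick strategy against p(d) when the real target is p(c).

    payoff_per_hit and cost_per_miss are hypothetical linear weights.
    """
    dist = hit_distribution(d_size, c_size, picks)
    expected_hits = sum(h * p for h, p in dist.items())
    expected_misses = picks - expected_hits      # picked members of p(d) not in p(c)
    return {
        "ratio": c_size / d_size,                # p(c)/p(d)
        "expected_hits": expected_hits,
        "expected_misses": expected_misses,
        "p_no_hits": dist.get(0, 0.0),           # chance every pick misses p(c)
        "net_payoff": expected_hits * payoff_per_hit
                      - expected_misses * cost_per_miss,
    }


if __name__ == "__main__":
    # Constructed sweep: |p(d)| = 1000, 50 picks, payoff 5 per hit, cost 1 per miss.
    for c_size in (10, 100, 500, 900):
        r = evaluate(1000, c_size, 50, payoff_per_hit=5, cost_per_miss=1)
        print(f"p(c)/p(d)={r['ratio']:.2f}  hits={r['expected_hits']:5.1f}  "
              f"misses={r['expected_misses']:5.1f}  "
              f"P(no hits)={r['p_no_hits']:.3f}  net={r['net_payoff']:7.1f}")
```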
