Interesting People mailing list archives
Re: pro regulation viewpoint on cyber vulnerabiltiy
From: David Farber <dave () farber net>
Date: Mon, 30 Mar 2009 18:28:43 -0400
Begin forwarded message: From: "Michael Kende" <Michael.Kende () analysysmason com> Date: March 30, 2009 5:36:45 PM EDT To: <dave () farber net> Cc: <avg () kotovnik com> Subject: RE: [IP] Re: pro regulation viewpoint on cyber vulnerabiltiy This makes absolutely no sense - the first statement is that there is no single case of market failure which couldn't be traced back to non-market intervention by a government, which is then followed by a statement in the third paragraph that using market failure as a justification for any policy is, at best, intellectually dishonest. In other words, it is a government failure if government does not intervene to prevent a market failure from arising, but if that market failure does arise anyway, it is intellectually dishonest for the government then to address it? In economic, every micro textbook has a definition of market failure (e.g. prices do not send proper signals about markets) and real-life examples (pollution). Michael -----Original Message----- From: David Farber [mailto:dave () farber net] Sent: Monday, March 30, 2009 4:51 PM To: ip Subject: [IP] Re: pro regulation viewpoint on cyber vulnerabiltiy Begin forwarded message: From: Vadim Antonov <avg () kotovnik com> Date: March 30, 2009 3:27:27 PM EDT To: David Farber <dave () farber net> Cc: ip <ip () v2 listbox com> Subject: Re: [IP] pro regulation viewpoint on cyber vulnerabiltiy David - for IP, if you wish. On Mon, 30 Mar 2009, David Farber wrote: > A paper that speaks to market failure is at:> http://www.csis.org/component/option,com_csis_pubs/task,view/id, 5370/t
> ype,1/ The sad truth is that there is no single documented case of "market failure" which couldn't be easily traced back to previous non-market intervention (by government or crime) - and these should be properly called "government failures", i.e. governments either doing what they shouldn't do (granting monopolies to politically connected parties, engaging in social engineering, etc), or failing in their duty to protect citizens. Just ask an economist to offer not a plausible theoretical scenario in which a market failure could occur - but a clear-cut real-life case of market failure, and then watch him squirming uncomfortably. Market failure is one of those elusive concepts which everybody seems to believe in, but which start to shift meaning, twist, and finally evaporate if a closer scrunity is applied. Using it as a justification for any policy is, at best, intellectually dishonest. When applied to "cybersecurity", the very first assertion that "market has failed to secure cyberspace" is a plain lie. Any real security expect knows that there's no such thing as absolute and perfect security. Better security comes with price - and this price increases exponentially if stronger (and rarer) treats are considered. Thus, securing any real installation requires finding a proper balance between security and cost - and in many cases that balance is on a side which any security-conscious person would find quite insecure (just think how long your front door would hold if someone wants to break in, or how your windows are totally penetrable with an aid of a brick). However, laminated cardboard doors and easily breakable glass windows are sufficient to deter majority of opportunistic criminals - and defending against determined thieves would be way too costly given that the chances that one would pay a visit are rather small. "Cybersecurity" is no different. Even with broken-by-design security model of Windows/Explorer use of a cheap consumer security product (Norton, etc) would be quite sufficient to achieve good-enough security. Nearly all people who suffered from attacks by hackers simply didn't consider security of their computers to be important enough to devote 15-20 minutes and few dozen dollars needed to find a product, buy, and install it. Well, there are people who don't bother to lock their doors and leave keys in the ignition locks of their cars - but for some reason there's no experts calling for federal programs to fix these "market falures". I think that is because, without the smoke screen of fancy jargon, any reasonable person would see inanity of any such proposal. --vadim ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.comThis email is confidential and is protected by copyright. When addressed to our clients it is subject to our terms and conditions of business.
Analysys Mason Limited is registered in England and Wales. Registered office: Bush House, North West Wing, London WC2B 4PJ, UK. Registered number 05177472. Tel +44 20 7395 9000. Email enquiries () analysysmason com or visit www.analysysmason.com
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 30)
- <Possible follow-ups>
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 30)
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 30)
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 30)
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 30)
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 31)
- Re: pro regulation viewpoint on cyber vulnerabiltiy David Farber (Mar 31)