nanog mailing list archives

RE: Even you can be hacked

From: Randy Bush <randy () psg com>
Date: Fri, 11 Jun 2004 14:18:28 -0700


the bottom line

  o if you want the internet to continue to innovate, then
    the end-to-end model is critical.  it means that it
    takes only X colluding end-poits to deploy an new
    application which might be the next killer ap which
    drives your business.  remember, email was not part of
    the original spec; http was not; jabber was not; ...

    this is in opposition to the telco model, where billions
    need to be spent uprading a smart middle to do anything
    new.  and guess who gets the profits, if any considering
    what the deployment did to capex and opex.

  o this means that the network will also transport bad
    things; kinda like the phone network will carry obscene
    calls.  damned shame, but that's the price you pay for
    liberty.  or you can ask john poindexter (aka vigilante
    isps) to defend liberty for you and find all sorts of
    very unlovely and long term consequences.

  o this moves the burden for security to the edges, to the
    site boundaries, which may not care if their users can
    be early adopters of the next wannabe killer ap, and to
    the end-points, the hosts themselves.

  o but there are jillions of end-points; well yes, there
    are jillions of telephones too.  and it's gonna be hell
    to clean up after the fact that they were designed
    without security, some have 80 jillion lines of code
    sitting on the laptops of naive users, blah blah.  

    you want to support a free society, then the poupulace
    has to be educated.  ain't no magic pixie dust here.
    they know how to recognize and maybe even report a
    'breather' when they pick up the phone.  we'll they
    gotta recognize a bad attachment when they get the
    email.

    and the software vendors have to clean up the jillions
    of lines of cr^h^hsoftware they have on the end users'
    desktops.  and they are, half out of clue and half out
    of the smell of liability.  but it will take a while.

there ain't no free lunch.

randy, who is clearly thinking of lunch, or maybe just out
       to lunch

Current thread:

Re: Even you can be hacked, (continued)
- - Re: Even you can be hacked Wayne E. Bouchard (Jun 10)
    - Re: Even you can be hacked Adam Debus (Jun 10)
    - Re: Even you can be hacked Randy Bush (Jun 10)
- Re: Even you can be hacked James Reid (Jun 11)
  - Re: Even you can be hacked Owen DeLong (Jun 11)
    - Re: Even you can be hacked Stephen Sprunk (Jun 11)
- RE: Even you can be hacked McBurnett, Jim (Jun 10)
- Re: Even you can be hacked dunger-nanog1087 (Jun 10)
- RE: Even you can be hacked David Schwartz (Jun 11)
  - RE: Even you can be hacked Adi Linden (Jun 11)
    - RE: Even you can be hacked Randy Bush (Jun 11)
    - Re: Even you can be hacked Steven M. Bellovin (Jun 11)
    - RE: Even you can be hacked Alex Bligh (Jun 11)
    - RE: Even you can be hacked Henry Linneweh (Jun 11)
    - RE: Even you can be hacked Randy Bush (Jun 11)
    - RE: Even you can be hacked David Schwartz (Jun 11)
    - Points on your Internet driver's license (was RE: Even you can be hacked) Sean Donelan (Jun 11)
    - Re: Points on your Internet driver's license (was RE: Even you can be hacked) Randy Bush (Jun 11)
    - Re: Points on your Internet driver's license (was RE: Even you can be hacked) Jonathan Nichols (Jun 11)
    - Re: Points on your Internet driver's license (was RE: Even you can be hacked) Randy Bush (Jun 11)
    - Re: Points on your Internet driver's license (was RE: Even you can be hacked) Jonathan Nichols (Jun 11)

(Thread continues...)