RE: [fw-wiz] VPN endpoints (Now OT survey rant)

From: Melson, Paul (
Date: 08/31/04

  • Next message: anyluser: "Re: [fw-wiz] VPN endpoint"
    To: "Marcus J. Ranum" <>, "Devdas Bhagat" <>, <>
    Date: Tue, 31 Aug 2004 09:37:17 -0400

    > -----Original Message-----
    > Specifically, many security surveys are based on
    > self-selected samples (e.g: "polls"). When you do a poll,
    > what you're doing is
    > asking "Please fill this out." But there are a lot of assumptions
    > that get dropped on the floor. :( What you're really measuring is:
    > - How much the person cared about the topic (motive to
    > - How honest the respondent is (hard to verify)
    > - Other factors (hard to predict)

    I think it goes deeper than that. Even if many of these surveys had an
    appropriately selected sampling of respondents and the proper analysis
    was performed (t-tests, ANOVA, Chi square, etc.) to minimize the effect
    of outliers (or out-and-out liars), they would still be relatively
    useless because of the manner in which most of the questions are asked
    and answered. Most are multiple choice without a scale or option to
    skip or provide a 'null' answer, and wording is rarely consistent.
    You'd never make it out of an undergraduate research class with any of
    the satisfaction or marketing surveys I've seen lately. (Which raises
    some other unsettling questions about the sources of these surveys...)

    Unfortunately, this doesn't seem to be something that IT marketers have
    a lock on, either. It seems to be everywhere (including this years'
    election race). So, I guess what I'm saying to anyone still reading is,
    please do us all a favor and blow off as many surveys and polls as you
    can. If you're going to contribute to the FUD, contribute accurately
    (by not contributing). :-)


    firewall-wizards mailing list

  • Next message: anyluser: "Re: [fw-wiz] VPN endpoint"