RE: [fw-wiz] A fun smackdown...

From: Jeremiah Cornelius (jeremiah_at_nur.net)
Date: 05/21/05

  • Next message: Chuck Swiger: "Re: [fw-wiz] A fun smackdown..." 
    To: "Marcus J. Ranum" <mjr@ranum.com>, "Paul D. Robertson" <paul@compuwar.net>, "Chuck Swiger" <chuck@codefab.com>
Date: Fri, 20 May 2005 22:23:26 -0700

    > Another perfect example of a bunch of egg-heads in the IETF
    > coming up with a mechanism for doing something that
    > completely ignored existing implementations of security
    > systems - and breaks as a result. The PMTU discovery
    > mechanism, using ICMP, was moronic design from the get-go.

    You're absolutely right, Marcus. But gosh! We are more curmudgeonly
    than usual.

    You remember as well as anyone here, how very different the 'climate'
    around purposes and uses of ARPA network technologies were.

    Culture is as important as technology in the development of truly large
    scale networks. The culture that produced the Internet valued
    communication as a higher priority than security. We can debate if this
    was a realistic set of values, but we can't fault it entirely.

    If the Internet had been formed in a security culture, there would be no
    popular Internet as we have known it from the mid-nineties onward. You
    _may_ regard that as a good thing. ;-)

    Cultures change less readily than technologies. It isn't realistic to
    hold the participants of the RFC process to a cultural standard other
    than that which produced the Internet to begin with. In the
    OSI-befuddled reasoning of the Internet age, it is one cultural
    signifier that the burden of security is moved to another layer in the
    stack than the one on which you are myopically focused.

    It _is_ true, that the culture did not correctly anticipate and adapt to
    circumstance, that it was flawed and was badly adapted to other
    circumstances than the University-oriented worlds which spawned it.
    Iroquois culture didn't do too well when thrust into the age of
    gunpowder and private real property, either.

    So, add a Morris Worm and a Cuckoo's Egg (and a DEC firewall!) to the
    soup... We know how we got here. We can get out of the mess with good
    practice. Without that, no amount of good technology can save us - a
    point you have made yourself, many times. 

    --
Jeremiah Cornelius 
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Chuck Swiger: "Re: [fw-wiz] A fun smackdown..."

    Relevant Pages

    • Wait for it?? Or switch.
      ... Ullrich, chief technology officer for the Internet Storm Center, a site ... Non-Microsoft browsers, such as the Opera browser and the Mozilla and ... vulnerable technologies and tend to focus more on just providing Internet ... The advisory noted that Internet Explorer has had a great many security ...
      (microsoft.public.security.virus)
    • Re: FireFox 1.5 & clipboard access & controlling insert/overwrite mode
      ... technologies for making applications that are NOT connected to the ... Internet and where security issues are monitored thru' a lot of ...
      (comp.lang.javascript)
    • RE: "Selling" a code-audit.
      ... [Writing Secure Code] ... You have all sorts of things to worry about: security, ... given before the code is even written, so a secure culture would never ... on almost every single code audit I have participated in I have received ...
      (SecProg)
    • Saturday May 2 - Python @ Global FSW Conference via VOIP - BerkeleyTIP - 21 Videos -
      ... Voice over internet Global Conference: ... TIP = Talks, Installfest, Project/Programming Party ... Free Culture: ... Voice over Internet Protocol (VOIP) using Asterisk, ...
      (comp.lang.python)
    • You block at your peril
      ... Governments must understand the culture of the Internet and the global ... WHOEVER posted the video on YouTube ridiculing King Bhumibol Adulyadej ...
      (soc.culture.malaysia)