RE: [fw-wiz] Ok, so now we have a firewall, we're safe, right?
From: Chris Blask (chris_at_blask.org)
To: "Ben Nagy" <firstname.lastname@example.org>, "'Paul D. Robertson'" <email@example.com>, <firstname.lastname@example.org> Date: Mon, 30 May 2005 23:30:05 -0400
At 04:20 PM 5/30/2005, Ben Nagy wrote:
>I wrote the below in an awful hurry, but it amplifies Paul's point. The
>threats we're looking at today aren't really anything like they were when we
>all got into this business. Sure, the _vectors_ are the same, and the
>patented MJR/Fred/Paul methodology will still help you out against the huge
>bulk of them. The point is that there is less and less margin for error.
>Anyway, small, self-indulgent rant follows.
.d. well-voiced rant
>Anyway, nothing above is really original. To me it all seems obvious, but
>whenever I talk about this stuff to the 'general public' they are all
>shocked, so maybe some subscribers will find it interesting.
What you wrote is a very cognizant view of our situation, of appropriate
length and catchy content for the brighter than average chimps - er,
laypersons - to read and feel comfortable that they had seen through a
reliable window into what would otherwise be to them a dark and mysterious
world. It is a good bit of writing on an interesting topic that is as
close to most peoples' worlds as black FBI helicopters.
That's the point we all lose after the first few years of really
understanding this stuff - No-one Else Does.
Nobody, nada, not a soul.
The Queen of the Ants would certainly count up the finite number of us who
do and call it "zero". We're talking about 6,000,000,000 people here, and
there ain't more than a football-stadium-full of folks among them that have
Clue #1 about infosec. We aren't even the High School Chess Club - we're
the person in about 1-in-100 schools who is so quirkily bright we make the
chess club members uncomfortable. A stray bullet is more likely to hit a
six-foot albino in Zimbabwe than an infosec expert in Michigan.
Just because you all understand all or some of this stuff, try not to
forget that the person next to you on the bus still hasn't spent five
minutes talking to anyone with a clue yet, and statistically never will.
This means a couple important things:
o When you get a chance to address them, try to give them something
specific they can use - some meme that they can run in their heads and
improve in some way their posture. When you give them a good meme, they'll
share it with their friends and it could propagate to the general
betterment. Otherwise, it's all just background noise they heard some
o We can't win this battle by delivering the level of education we expect
of each other to six times ten to the ninth people. We need to identify
the appropriate amount and content of knowledge to deliver to a variety of
demographics, and build an Internet that securely supports what they can be
o End-user security is optimized in direct proportion to our ability to
make it simple.
There's every reason to think we can do all this stuff. The project is
underway and everything's generally running well so far, inasmuch as
barely-manageable chaos can. Users have been taught enough to respond to
direction, and from time to time we give them good direction.
Eating whales may seem to take forever, but sooner or later you're down to
flukes and limp parsley.
firewall-wizards mailing list