RE: [fw-wiz] Broken Analogies (was: Transitive Trust)
From: Brian Loe (knobdy_at_stjoelive.com)
To: "'Ben Nagy'" <firstname.lastname@example.org>, "'Eugene Kuznetsov'" <email@example.com>
Date: Tue, 21 Jun 2005 11:51:22 -0500

I have to question how much time some of you are spending with the end user.
In the last three years I have yet to meet one (an end user) at any level
(to include phone reps, managers, and two CEOs) that complained about
aggressive protection. This might be because the companies I have worked for
went from 0 protection to 80% in a matter of months, and they remembered why
we were implementing it in the first place. Just the same, given options I
tend to believe that humans will accept protection with minor (and they
really are pretty minor) inconveniences.
One only needs to look at national politics to see this is true; virtually
everyone has given up a great deal of personal liberty in return for a false
sense of security. Our sell is real security, ought to be easier.
> People's mentality will never change while this is the case,
> because all of the cures are worse than the diseases. Take
> any aggressive quarantine style system and apply it
> enterprise-wide and people will start to bitch. They will
> bitch even worse when there is a false positive because the
> perceived usability cost is too high for them. When we start
> getting more malware that trashes the host then I think all
> of these discussions might become more useful.
> I'm going to leave aside things like acquired immunity,
> re-infection, and avoidance (people don't tend to kiss those
> suffering from cold sores).
> Current worms may _spread_ like diseases, but that's pretty
> much where the useful similarities end, in my opinion.
> Oh, and targeted incidents are not like diseases at all -
> they probably are, actually, more like bears. Or maybe
> weasels. I actually think you might be better looking at it
> from an economic modelling approach with supply and demand of
> exploits and risk / reward of targets. There's probably some
> game theory in there too.
> Anyway, enough ramble.
firewall-wizards mailing list