[Full-Disclosure] RE: 40,000 deaths per year - Was: CyberInsecurity: The cost of Mo nopoly
From: Schmehl, Paul L (pauls_at_utdallas.edu)
Date: 09/30/03
- Previous message: SGI Security Coordinator: "Multiple OpenSSH/OpenSSL Vulnerabilities on IRIX"
- Next in thread: j: "Re: [Full-Disclosure] RE: 40,000 deaths per year - Was: CyberInsecurity: The cost of Mo nopoly"
- Reply: j: "Re: [Full-Disclosure] RE: 40,000 deaths per year - Was: CyberInsecurity: The cost of Mo nopoly"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <full-disclosure@lists.netsys.com> Date: Tue, 30 Sep 2003 12:29:55 -0500
> -----Original Message-----
> From: Christopher F. Herot [mailto:cherot@appliedmessaging.com]
> Sent: Tuesday, September 30, 2003 11:14 AM
> To: Michael Smith; full-disclosure@lists.netsys.com
> Subject: RE: [inbox] Re: [Full-Disclosure] CyberInsecurity:
> The cost of Mo nopoly
>
> Actually, the average person doesn't now squat about how to
> DRIVE a car either. The result is that 40,000+ people die
> every year in this country from car "accidents." I'd say the
> computer industry is doing pretty well by that standard.
>
Now this is a really dumb argument.
How many licensed drivers are there in the US? 60 million? Your 40,000
deaths represents .0000667 percent of the total population of drivers.
And not all 40,000 were driving, so the real percentage is some factor
smaller than that. So, the 40,000 very obviously does not represent the
"average" driver. Furthermore, you really have to calcuate the number
of person/miles driven to see what the real accident rate is, and when
you do that it's incredibly miniscule.
The death by vehicle rate in America proves that we are doing a very
*good* job of training people to drive, despite all the anecdotal
evidence you can conjur up for stupid drivers.
Given that, your analogy is specious at best, but even given that, it
proves that the computer industry is *much* worse off. What's the rate
of infection for Blaster worldwide, for example? I haven't seen
anything definitive, but I'd bet it's in the hundreds of thousands. And
we have *perhaps* 100 million computers worldwide? So the percentage of
infections would be in the less than 1% range? Still much much higher
than the numbers above.
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: SGI Security Coordinator: "Multiple OpenSSH/OpenSSL Vulnerabilities on IRIX"
- Next in thread: j: "Re: [Full-Disclosure] RE: 40,000 deaths per year - Was: CyberInsecurity: The cost of Mo nopoly"
- Reply: j: "Re: [Full-Disclosure] RE: 40,000 deaths per year - Was: CyberInsecurity: The cost of Mo nopoly"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
