Re: FW: *ICN - A Conspiracy of Inertia?

From: Marcus J. Ranum (mjr@nfr.com)
Date: 03/19/02


Date: Tue, 19 Mar 2002 15:22:47 -0500
To: <falcon@cybersecret.com>, <focus-ids@securityfocus.com>
From: "Marcus J. Ranum" <mjr@nfr.com>

Benjamin Tomhave wrote:
>Has anybody else heard about this?

Well, there's not any real substance to that article. Basically,
some guy claims that because he's smart he's solved this problem
and that's it. It doesn't really explain _how_ other than in vague
terms.

That's a pretty good indicator of pseudo-science. Fringe scientists
such as, for example, Immanuel Velikovsky, are pretty readily detectable
by the way-out claims, vigorous handwaving, and "the establishment is
trying to suppress me!" attitude. Science would be if he exposed
this approach of his at a reputable conference or presented a refereed
paper at one of the academic security conferences such as USENIX or
CSI. If there's any substance to his claims he'll be a hero, not
ignored. More often you'll find such things don't get past the
publication committee because they're bogus, not because they are
being suppressed. Room temperature fusion's Fleischmann and Pons
went to the press with their "results" because a reputable physics
journal rejected their paper because it was a travesty of science.
I ran into a similar case 4 years ago with a crypto company that
had an "unbreakable system" the "power one time pad" (basically,
it was an amateurish autokey) but they were simply so far out to
lunch they wouldn't listen to me and concluded Bruce Schneier had
blown them off not because they were idiots (they were) but because
he was threatened by their brilliance... Yah, whatever... ;)

It's hard to read between the lines of such a substance-less article
but it seems like he's thinking "security" == "blocking malware"
or viruses. That's a small piece of the whole "security" problem
and it's actually one of the more tractable pieces. That's also a
typical mindset of the basement pseudo-scientist: progress in one
piece of a puzzle (sometimes a solved one!) is treated as earthshaking
because they're often too ignorant of the larger domain of the
problem they've chosen. How many times has someone posted to sci.crypt
asking if anyone has used fractals for encryption, yet? After a
while the "real" scientists in the field don't even bother with it -
not because the poster is right but because they're so clueless they
don't even know how ignorant they are.

> But his logic is
> tempting. The way things are done today is terribly inefficient and
> ineffective, and a lot of people are profiting from it.

Another classic indicator of pseudo-science. Just because a problem
is ugly and intractable, we _want_ to believe that there is a simple,
clean, obvious solution to it. Room temperature fusion, anyone?

> "The reaction is, we don't believe you," Munson says. "But this is not an
> act of faith. All the research I have done is reproducible to scientific
> standards."

One of the hallmarks of scientific work is publication of meaningful
results. Not asserting that meaningful results exist. <shrug> I'll
publicly offer to review Munson's results and publish an opinion in
an open forum. But he's got to be willing to abide by the consequences
if his stuff is all pipe-dream.

mjr.

---
Marcus J. Ranum          Chief Technology Officer, NFR Security, Inc.
Work:                           http://www.nfr.com
Personal:                      http://www.ranum.com


