[64533] in North American Network Operators' Group
Re: ISPs' willingness to take action
daemon@ATHENA.MIT.EDU (Sean Donelan)
Mon Oct 27 11:19:49 2003
Date: Mon, 27 Oct 2003 11:16:06 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: Joe Abley <jabley@isc.org>
Cc: nanog@nanog.org
In-Reply-To: <FB2E02BE-0894-11D8-A5F4-00039312C852@isc.org>
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 27 Oct 2003, Joe Abley wrote:
> > Most ISPs are relatively secure. Yes, occasionally a backbone
> > router shows up on some list with a password of "cisco." The major
> > problems are in the systems managed and installed on non-ISP networks
> > (i.e. end-users).
>
> Maybe all the ISPs I've been involved with in the past ten years have
> been exceptions, but there are only a small handful of them that I
> would elevate to the status of "relatively secure".
That's why I said relative. I didn't say they were very secure or had
great security. But when out-running the bear you don't have to be
faster than the bear, just faster than than the other guy.
If you compared the "average" ISP security with the "average" end-user
security, relatively speaking which would be more secure?
Of course, we all have some relatives we'd prefer not to invite to holiday
dinner.
> My experience every time is that end users are amazingly tolerant of
> breakage. The fact that there are popups all over the screen, or that
> it takes five minutes to open their mail client, or that machines
> freeze up every ten minutes and require a hard boot appear to be simply
> accommodated as "that's what computers do".
They are amazingly toloerant of "that's what computers do." They are
amazingly intolorant when someone else "breaks" it.
