[71285] in North American Network Operators' Group
RE: Even you can be hacked
daemon@ATHENA.MIT.EDU (Randy Bush)
Fri Jun 11 19:38:06 2004
From: Randy Bush <randy@psg.com>
Date: Fri, 11 Jun 2004 16:37:27 -0700
To: Henry Linneweh <hrlinneweh@sbcglobal.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
yes, we're gonna hack desperately for a decade to make up
for asecure (innocent of, as contrasted with devoid of,
security) application protocols and implementations. it'll
take half that time for the ivtf and the vendors to realize
how deeply complexity is our enemy. and until then we'll
hack everywhere in our desperation.
but in the long run, i don't think we can win with an active
middle.
the problem is that the the difference betwen good traffic
and bad traffic is intent. did the sender intend to send /
reveal those data? did the recipient wish to receive them?
and, i don't think we can stand in the middle and judge.
and there's the rub.
the cute example is, as i said to you privately, that i have
customers who wish to receive what is sent by what i think
of as malicious folk. the recipients are security folk and
net-sociometricians. so who am i to judge? some people
even eat at macdonalds.
randy, who enjoyed his lunch of seared ahi and asparagus
