[94996] in North American Network Operators' Group
Re: botnets: web servers, end-systems and Vint Cerf
daemon@ATHENA.MIT.EDU (Mark Boolootian)
Fri Feb 16 12:58:49 2007
Date: Fri, 16 Feb 2007 09:38:35 -0800
From: Mark Boolootian <booloo@ucsc.edu>
To: michael.dillon@bt.com
Cc: nanog@merit.edu
Reply-To: booloo@ucsc.edu
In-Reply-To: <2DA00C5A2146FB41ABDB3E9FCEBC74C10106700B@i2km07-ukbr.domain1.systemhost.net>
Errors-To: owner-nanog@merit.edu
> You misunderstand. The problem of securing machines *IS* solved. It is
> possible. It is regularly done with servers connected to the Internet.
> There is no *COMPUTING* problem or technical problem.
>
> The problem of the 100 million machines is a social or business problem.
> We know how they can be secured, but the solution is not being
> implemented.
Eh? Sure, we can secure servers, but that's not where the trouble is.
It's the client systems with browsers and P2P software and people
mindlessly banging on keyboards running arbitrary executables. I'm
interested in hearing how they can be secured, since you seem to believe
this is a solved problem.
