Wednesday, June 22, 2005

Marcus Ranum Interview at SecurityFocus

I'd like to thank Federico Biancuzzi for interviewing Marcus Ranum at SecurityFocus. The interview is brilliant in my opinion. Unfortunately, I learned of the interview by an ignorant Slashdot story that completely missed the points Marcus makes in the article. Can anyone recommend an alternative to Slashdot that has a lower number of idiotic stories, but still keeps up with technology current events?

Anyway, here is my favorite excerpt:

"Do you see any new, interesting, or promising path for network security?

Nope! I see very little that's new and even less that's interesting. The truth is that most of the problems in network security were fairly well-understood by the late 1980's. What's happening is that the same ideas keep cropping up over and over again in different forms. For example, how many times are we going to re-invent the idea of signature-based detection? Anti-virus, Intrusion detection, Intrusion Prevention, Deep Packet Inspection - they all do the same thing: try to enumerate all the bad things that can happen to a computer. It makes more sense to try to enumerate the good things that a computer should be allowed to do.

I believe we're making zero progress in computer security, and have been making zero progress for quite some time."

I highly recommend everyone read and ponder this interview.

4 comments:

Adam said...

digg.com, and technewsworld.com

Keydet89 said...

Ignorant SlashDot story that completely missed the point? Come on, Richard, what did you expect?

My book was Slashdot'd last Nov or so, and the first response to the review posted went off-topic. I got tired of reading the comments...b/c none of them seemed to have anything to do with the book, or the topic.

Can anyone recommend an alternative to Slashdot that has a lower number of idiotic stories, but still keeps up with technology current events?

My friend, I've been searching all over for something like this for a while...where, on the Internet, does one go for a forum with items of interest and a high SNR? I've seen some communities and forums where the participants stay on topic...but none of them is technical in nature. I've even tried starting my own forums, but found that if the members are vetted, and you try to allow, say, only those folks who actually *do* forensic analysis, you get 0 (zero, nil, null, nada) traffic. If you open up the forum for public consumption, but moderate it, people complain about moderation. If you open the forum up completely, posts go compleletly off topic almost immediately.

If you do find something, please post it on your blog.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

Phil Hollows said...

I find the ISN list at (subscribe at http://www.c4i.org/isn.html) high quality, although it's not really a discussion forum.

Phil

Marcus J. Ranum said...

I hate slashdot. They grab one piece of an article and post it and everyone reads just that chunk and then they hop up and down like chimpanzees screeching and tossing poo at eachother for 4 hours until something else catches their attention. Repeat.

What was particularly infuriating to me was 2 aspects of how slashdot covered the article: first, they picked the section that was most likely to cause general colonic spasms, and posted it without context. Secondly, I felt I actually had to reply to the 40 or so Emails that got through my spam filters chiding me for not understanding that "hackers" are really great people and that I should use the term "crackers" to describe cybercriminals. By the end of the day I was hitting reply, choosing the word "cracker" and adding the comment, "whatever."

One of the big lessons that we ignored when the Internet became a new media phenomenon was the "400 channels of crap" problem. The Internet lets every immature kid with an attitude just out of college publish or say whatever they want. It's the ultimate intellectual democracy. Which means that it's also a tower of babble.

mjr.