Wisdom from Ranum

The Face-Off article in the September 2007 Information Security Magazine contains a great closing thought by Marcus Ranum:

Will the future be more secure? It'll be just as insecure as it possibly can, while still continuing to function. Just like it is today.

"Continuing to function" is an interesting concept. The reason the "Internet" hasn't been destroyed by terrorists, organized crime, or others is that doing so would cut off a major communication and funding resource. Criminals and other adversaries have a distinct interest in keeping computing infrastructure working just well enough to exploit it.

Being "secure" is another wonderful idea. Marcus clearly shows that there is no secure -- i.e., there is no end game. None of us can retire "when our work is done." We will retire when we can hand off the problem to another generation.


Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics