tag:blogger.com,1999:blog-4088979.post4386159278316360978..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: More on Weaknesses of ModelsRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-4088979.post-81722761424224919532009-02-25T12:18:00.000-05:002009-02-25T12:18:00.000-05:00As I'm doing some info security modeling myself, I...As I'm doing some info security modeling myself, I'm curious as to what you mean by "information security models?"Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-11843704231499252662009-02-12T21:51:00.000-05:002009-02-12T21:51:00.000-05:00Richard - I am curious what you would do in the pl...Richard - I am curious what you would do in the place of using a model?<BR/><BR/>Pete LindstromAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-77640302756080372742009-02-10T10:06:00.000-05:002009-02-10T10:06:00.000-05:00Models and risk management models are tools that a...Models and risk management models are tools that are supposed to help inform decision makers about possible trends. Goldman Sachs used their risk management tools and models properly and avoided most of the mess the other investment banks found themsleves in. It was a management failure more than anything, otherwise most of the investment banks wouldn't be insolvent now. The New York Times had a write up about it. When one assumes that one's model is absolutely correct and mirrors reality perfectly, then one is likely in for a shock when reality destroys the model at some point.jbmoorehttps://www.blogger.com/profile/09751110750712243573noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-18245315709649570012009-02-05T19:39:00.000-05:002009-02-05T19:39:00.000-05:00Great post. I found it very useful. However, upon ...Great post. I found it very useful. However, upon trying to get the pkg from BSD i found it hd been removed?!?! <BR/><BR/>Any guess why?<BR/><BR/>By the way I have tried multiple time but keep finding that sguil-server installs without the event table in mysql. Can you explain this and or point me to the script that creates the tables and the command syntax to import the table layout?Brianhttps://www.blogger.com/profile/02714234691656362464noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-66402377429022870672009-02-05T13:01:00.000-05:002009-02-05T13:01:00.000-05:00I kind of like models, especially ones that deal w...I kind of like models, especially ones that deal with probability and risk.<BR/><BR/>But it's important to remember that a decision doesn't come from models - it's made by a person.<BR/><BR/>In the current crisis, perhaps the models failed, perhaps they did not.<BR/><BR/>Perhaps the decision makers who used the models failed, perhaps they did not.<BR/><BR/>Some people I know have advanced the view that those who were in a position to profit, understanding the immense risks at hand, decided to pocket the huge rewards and pass the risks on to others, like you and me.<BR/><BR/>One of the things I enjoyed the most about Taleb's Black Swan book was his assertion that understanding the past is just as difficult as predicting the future.<BR/><BR/>The chains of causality that we attribute to historical events may explain what happened, or may be just pleasing narratives, written on wisps of air.<BR/><BR/>Patrick Florer<BR/>Dallas, TexasAnonymousnoreply@blogger.com