RE: Ok, so now we have a firewall, we're safe, right?

[Chris Blask <chris () blask org>]

Hey, Tina!

At 06:50 PM 5/31/2005, you wrote:
> If user education was going to make the difference, humans would all
> exercise regularly, eat their vegetables, and practice safe sex. We can't
> fix the problem by educating folks, because we've been *doing* education (in
> a number of different ways) for a long time, and if it was going to work, it
> would have.

Education can and does make a difference, and has to an extent in our 
effort to date.

The scale of the entire Global Internet Training Process is just much 
larger than what we have addressed to date.  Thing is, we have just begun 
to do it, the student population is exponentially larger than can be 
addressed richly in the necessary time (and segmented seven ways to 
Sunday), and we have other problems as well to keep it lively.

> Whatever it is that we're trying to fix, I think the answer is to accept
> that we're dealing with issues of human nature, not technology.

Absolutely and undeniably correct.

> Any solution based on humans doing the right thing (like working out, 
> skipping dessert
> for more veggies, and not reading pr0n on the Internet) is doomed to
> failure.

That's one way to word it, but I'd say it more like: "we need to accept 
that people will do what people will do, and any solution that requires 
radical modification of six billion people's behavior is doomed to 
failure."  Whether the things people do are good or bad is a separate line 
of debate, whether they will do what they do is not a debate.

> So I like solutions that help me to protect myself against the
> lowest common denominator: firewalled enclaves that protect really sensitive
> data; encrypted harddrives on laptops; endpoint inspection and
> context-sensitive access control...

Absolutely correct.  And it will take a bit still to deliver all those 
encrypted drives and get them installed on every machine in the world, but 
it will happen.  Until then, the firewalled (and the Sneaker Netted) 
enclaves nested inside bunkers bristling with guns is entirely the right 
place to store really hot data (for *really* hot data you can encrypt the 
atoms in the wires and I'm still not plugging it in).

I think the scale of this whole thing throws us off more than we know.  If 
someone had drafted a good Project Plan for the Internet before starting it 
would never have been built:

  "Thing's gonna take about 83 years and 14.5 Septillion man-hours to get 
up and running with most of the bugs shaken out.  Think we can get funding 
so the guys can start on it next Wednesday?"

:-)

-chris


Chris Blask
chris () blask org
http://blaskworks.blogspot.com


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards