Re: Schneier: ISPs should bear security burden

["Jay R. Ashworth" <jra () baylink com>]

On Thu, Apr 28, 2005 at 08:03:57AM -0500, Olsen, Jason wrote:
> > You must not have used it much in those 20 years. I can 
> > definitely say worms, trojans, spam, phishing, ddos, and 
> > other attacks is up several orders of magnitude in those 20 
> > years. 
>
> The userbase has also increased by several orders of magnitude beyond
> that.
>
> 1% "bad" traffic at 100 users: 1
> 1% "bad" traffic at 1,000,000 users: 10,000

And this raises an absolutely excellent stand-alone point that seems to
me to be something that netops types should be keeping uppermost in
their minds:

        When a problem gets big enough, it's a *different* problem,
        not just a bigger problem.

An analogy to this (actually, a result of it) is the difference between
the office policies in a 5-person company and a 500-person one, or a
town of 10,000 and a city of 400,000.  

This seems to bear on almost everything I've seen said in this thread
(which is the award winner for the year so far...)

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra () baylink com
Designer                          Baylink                             RFC 2100
Ashworth & Associates        The Things I Think                        '87 e24
St Petersburg FL USA      http://baylink.pitas.com             +1 727 647 1274

      If you can read this... thank a system administrator.  Or two.  --me