Snort mailing list archives

Re: Professionalism

From: Joe Smith <shadowm4n () yahoo com>
Date: Wed, 14 Nov 2001 05:08:04 -0800 (PST)

I appreciate many of the comments I've received on
this issue, I thought I'd respond to this one, and
then I'll let the issue rest.

Ralf brings up some good points in the three posts I
read from him.

Astoundingly, most unprofessional code performs
better than so called
professional code.


I thoroughly agree.

What does it mean then? That the corporate world is
made up of
brand-trusting idiots?


Sadly, this has been the case in numerous instances. 
Just because a product/program is functionally
superior doesn't mean it will be better accepted. 
This is precisely how Microsoft slaughtered Apple back
in the 1980's.  A fun movie to watch on this, "Pirates
of Silicon Valley", albeit overdramatized, had a good
exchange between Steve Jobs and Bill at the end of the
movie.  Steve said something like, "Our's is better." 
Bill replies "It doesn't matter."  I'm sure there are
plenty of other good examples of inferior standards
beating out the superior competition (VHS vs. Betamax
also comes to mind).  There is a herd mentality to
corporate America (I won't speak for other countries,
I harbor the hope that they have more sense than we
do, heck, we're not even on the damn metric system yet
*sigh*) that has resulted in decisions that had more
to do with "Is it what everyone else is doing?" versus
"Is this the right decision?".

This is absurd. With open source he CAN look into it
and say he doesn't like
the "lubrication reference", but with closed source,
he can't -- does that
mean the "lubrication reference" isn't there? No.


You'll get no argument from me that this attitude is
absurd.  I agree %100.  But I've felt the results of
indiscriminate stupidity on the part of upper
management, and I assure you, this attitude is there.

With so called professional products, you have to  
believe
the documentation. Since you will not be integrated
into the development
process (even as a watcher or commentator), you    
cannot know HOW exactly a
certain functionality is implemented.


This is precisely why I feel all current commercial
IDS's are not up to the task.  So many vendors were
against the idea of even telling the customer
precisely how their signatures were set up, claiming
this information was proprietary.  Its for this reason
I want open source to succeed.

I appreciate your consideration and patience.  


--- Ralf Hildebrandt <Ralf.Hildebrandt () charite de>
wrote:

On Tue, Nov 13, 2001 at 02:39:00PM -0800, Joe Smith
wrote:

monarch, Mr. Bill Gates.  Many in the corporate

world

have a very negative opinion of open source

precisely

because of what I stated earlier regarding the
unprofessional nature of open source.


Astoundingly, most unprofessional code performs
better than so called
professional code.

They will claim
that the code is "untrustworthy".  This doesn't

mean

it doesn't work (or can be configured to work).

It

doesn't mean that the programmers are

untrustworthy. 

What does it mean then? That the corporate world is
made up of
brand-trusting idiots?

to disqualify a product only because of

lubrication

references, but it does happen and it makes my job

(ya

know, intrusion detection and all that fun stuff)

that

much more difficult.


This is absurd. With open source he CAN look into it
and say he doesn't like
the "lubrication reference", but with closed source,
he can't -- does that
mean the "lubrication reference" isn't there? No.

Yes, its free.  Yes, the classification.config

file

can be sed/grepped to do exactly what you want.

And

yes, its the best thing out there (its superior to
every IDS I've tested, commercial or non).  All

I'm

asking is for snort to make an effort to present a
more professional appearance so that corporate
acceptance is the default, not the exception.


OTOH a simple: "this might be porn" or "pr0n" would
suffice...

-- 
Ralf Hildebrandt                            Tel. 
+49 (0)30-450 570-155
                                            Fax. 
+49 (0)30-450 570-916

ThisemailhasbeenbroughttoyoubyJOLTCola,favoredbyssysadmins,netadminsand

programmerseverywhere.
JOLTCola--forallthesugarandtwicethecaffine(R). 


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:

https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:

http://www.geocrawler.com/redir-sf.php3?list=snort-users


__________________________________________________
Do You Yahoo!?
Find the one for you at Yahoo! Personals
http://personals.yahoo.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: Professionalism, (continued)
- Re: Professionalism Brian (Nov 13)
- Re: Professionalism Erek Adams (Nov 13)
- Re: Professionalism Phil Wood (Nov 13)
  - Re: Professionalism Gordon Ewasiuk (Nov 13)
    - Re: Professionalism Joe Smith (Nov 13)
    - Re: Professionalism Jon Bentley (Nov 13)
    - Re: Professionalism George D. Nincehelser (Nov 13)
    - Re: Professionalism olliecat (Nov 13)
    - Re: Professionalism Ralf Hildebrandt (Nov 13)
    - Re: Professionalism Ralf Hildebrandt (Nov 13)
    - Re: Professionalism Joe Smith (Nov 14)
- RE: Professionalism Paul D. Shaffer (Nov 13)
- RE: Professionalism Christopher C. Northrop (Nov 14)
- Re: Professionalism Edwin Eefting (Nov 15)
- RE: Professionalism David Kurtz (Nov 13)
- RE: Professionalism Petriz, Pablo (Nov 13)
  - Re: RE: Professionalism Mark Price (Nov 13)
  - Re: RE: Professionalism Martin Forest (Nov 13)
  - Re: RE: Professionalism Mike Poor (Nov 14)
- RE: Professionalism Sheahan, Paul (PCLN-NW) (Nov 13)
  - RE: Professionalism Erek Adams (Nov 13)

(Thread continues...)