|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Schneier: ISPs should bear security burden
On Sun, 01 May 2005 21:23:11 +0200, Brad Knowles said: > At 1:07 PM -0400 2005-05-01, [email protected] wrote: > > > I don't think *anybody* seriously expects the bus company to deny passage to > > people who happen to be burglars using public transportation to get to the ir > > next work site.... > > If they're wearing Balaclavas, full body armor, and carrying > AK-47s, along with large sacks slung over their shoulders (either > full or empty), then yes -- I would expect the bus driver to do > everything he could to try to avoid picking them up. But you see - that's because *those* passengers likely pose a threat to the people *on the bus*. The fun starts when you start making passengers turn out their pockets and you try to figure out if that guy dressed like a mechanic heading home from work has a piece of bent metal in his pocket - is it an Allen wrench or a lockpick (note that many SQL-injection attacks *are* that level of subtlety - so it's not an outrageous comparison), and figure out what their intentions are once the get off the bus... (And remember - the TSA is trying to go that route. They now ban lighters because somebody tried to light a shoe bomb with matches. Is that how you want to run your network? ;) Attachment:
pgp00001.pgp
|