North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: botnets: web servers, end-systems and Vint Cerf
> > It is regularly done with servers connected to the Internet. > > There is no *COMPUTING* problem or technical problem. > > I beg to differ. Yes, it is possible for tech-savvy users to secure > their machines pretty effectively. But the level of technical > knowledge required to do so is completely out of line with, say, the > level of automotive knowledge required to safely operate an > automobile. You need, at minimum, weeks of training in order to safely operate an automobile. But to safely operate on the Internet, you simply open the box, plug the DSL cable into the DSL port of the NAT/firewall/switch/gateway box, plug the brand new unsecured computer into the Ethernet port, and you can now safely operate on the Internet. The technical problem has been solved for a long, long time. The same factors which drive down the cost of computers, have also driven down the cost of NAT/firewall devices to the point where they could actually be integrated right into the PC's hardware. > We know how -people with specialized knowledge- can secure them, not > ordinary people - and I submit that we in fact do not know how to > clean and validate compromised systems running modern > general-purpose > operating systems, that the only sane option is > re-installation of OS > and applications from scratch. This is an entirely different issue. It's like trying to cure AIDS and syphilis. Maybe prevention is an easier problem to tackle. Condoms are also fairly simple technology that works. --Michael Dillon
|