North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IBM report reviews Internet crime
This should definitely be taken in context: this is a security report from the point of view IBM selling security systems to enterprise customers. It isn't necessarily the "state of the Internet" as a whole. To a large enterprise, getting a web page from "playboy.com" is a security problem even if it is a technically legitimate http transfer wanted by the end user. This is because it is a real danger of potential lawsuit to the employer. To the public at large (and the large ISP), it is not a Internet security problem. (Or, more accurately, opinion varies wildly from person to person.)
Not to nitpick: the report does not seem that statistically sound. Just an opinion. For example, the report attempts to show a trend by day-of-week, yet does not mention or seem to take into account the affect of human reporting behavior. ("aw, I'll report that on Monday..."). Nor does it adjust the source of spam for the population size with access in that region. (I guess it depends on the question being answered...) It does not adjust or make mention of the penetration rates of vendors vs. the number of vulnerabilities reported.
However, having said all that, I'm glad IBM made the report anyway. It is an interesting read.
Scott Weeks wrote: