Return-Path: <sentto-279987-1538-996754163-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 02 Aug 2001 05:11:10 -0700 (PDT) Received: (qmail 13390 invoked by uid 510); 2 Aug 2001 11:11:44 -0000 Received: from n34.groups.yahoo.com (216.115.96.84) by 204.181.12.215 with SMTP; 2 Aug 2001 11:11:44 -0000 X-eGroups-Return: sentto-279987-1538-996754163-fc=all.net@returns.onelist.com Received: from [10.1.4.53] by mk.egroups.com with NNFMP; 02 Aug 2001 12:09:23 -0000 X-Sender: ellisd@cs.ucsb.edu X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 2 Aug 2001 12:09:23 -0000 Received: (qmail 58067 invoked from network); 2 Aug 2001 12:09:22 -0000 Received: from unknown (10.1.10.26) by l7.egroups.com with QMQP; 2 Aug 2001 12:09:22 -0000 Received: from unknown (HELO n34.groups.yahoo.com) (10.1.1.30) by mta1 with SMTP; 2 Aug 2001 12:09:22 -0000 X-eGroups-Return: ellisd@cs.ucsb.edu Received: from [10.1.2.23] by mk.egroups.com with NNFMP; 02 Aug 2001 12:09:22 -0000 To: iwar@yahoogroups.com Message-ID: <9kbftg+van5@eGroups.com> In-Reply-To: <200108021156.EAA03330@big.all.net> User-Agent: eGroups-EW/0.82 X-Mailer: eGroups Message Poster X-Originating-IP: 128.29.4.1 From: ellisd@cs.ucsb.edu Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 02 Aug 2001 12:09:19 -0000 Reply-To: iwar@yahoogroups.com Subject: [iwar] Re: China Skeptical Code Red PC Worm of Chinese Origin Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit --- In iwar@y..., Fred Cohen <fc@a...> wrote: > Per the message sent by ellisd@c...: > ... > > are thousands of exploits), a new worm is possible. Until we are able > > to better patch our systems (bad solution) or create more secure > > systems (better, but harder solution), worms are going to continue to > > be a problem. > > I disagree that it's harder to make systems more secure than to have to > constantly patch them. While patches may be inevitable in computer > systems as they are in automobiles, when you build a better system the > qwuality leads to lasting value. The issue in computers is that the > technology has been changing so quickly that "new" has been widely > perceived as better than "high quality" - always a mistake when surety > is the objective. This is a different tangent than what I wanted to pursue... I agree that there is better, lasting value in more reliable systems. It is just harder to build really reliable systems than it is unreliable systems. Sure, the formal methods community has produced some methods that would drastically increase the reliability of software, but it is too expensive and too hard. The testing community has produced nothing really helpful in building more reliable systems (regression testing is far from complete). > > > Attribution will be nearly impossible and meaningless. > > I disagree about the limits of attribution. We may be able to do a > great deal better than you think. The likelihood that we or anybody will ever find the creator of any of these viruses (unless they are stupid and brag on about it--like mafiaboy). I think that for most of these attacks the limits of attribution are "one hop"--that is, the previous ip address in the trace. Tracing this back to the first ip address is infeasible. That last hop may be all the attribution that is needed. If every person sews the person who infected them then two things will happen: 1) lawyers will get very, very rich, and 2) the burden for keeping systems secure rests on the consumer. The latter will in turn create greater demand for more reliable systems, which may be the impetus necessary to get the better, lasting quality we need out of systems. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Small business owners... Tell us what you think! http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:38 PDT