Personally as a manager I want to know the problem and then the workable solution. I just don't see that many bot nets happening anymore.
From my vantage point I do see students writing bot nets more for programming skills than for malicious attacks.
With several hundred million people and computers on the inter network, there will always be an aberration, caused by some social or mental or emotional defect. Workable technical solutions, not new laws or rants will make these issues, less of an issue operationally in the long run. -Henry --- Eric White hill <Eric@bot> wrote:
Gadi, one of the main issues that people take regarding this is that it seems as though whenever we turn around, you're starting another "OMG! THE INTERNUT IS COMING TO AN END!!!!OMGNO!"
And you get some people jumping around, and some people get all in a frenzy over whatever the perceived issue is. The rest of us just slap our heads, roll our eyes and go "Oh, great, here goes Gadi on another rant..."
Many people in the internet security world, sorry to say, now have a hard time believing what you are saying, and believing whatever you believe. The credibility is just not there any more. It's slipping away, because there are only so many times someone can cry "FIRE!" in a crowded theater before people stop believing you. Unfortunetly, that _is_ starting to happen.
It really seems as though every time we turn around, you're crying Wolf again, and it's bascially getting old.
Sometimes being quiet is not going to win the war.
It would behoove you, however, to not cry wolf so often
The fact that you believe that I cry wolf, shows just how sad the situation really is. I would say this is more of a sign of what is going on. People are starting to NOT believe you. Perhaps it is you who should change what is being said, and how you are saying it.
How long before ecommerce becomes impracticle? :) Far from relevant to NANOG. Or is it? What makes you believe that e-commerce is becoming impractical? Are there that many attacks against those companies? If so, then why has the press not picked it up? The DoS against SixApart hardly made the convential (BBC, CNN, etc) news.
DNS beind abused like there is no tomorrow on the operational level (not infrastructure level) and no one (almost) even noticing is obviously not operational. I run my own publically accessable DNS servers, and they aren't being abused. You're making it sound like all DNS servers everywhere are being abused, and that we should all stop using DNS.
We are all techs, but the decision if for example, block ports at ISP's to stop worms isn't going to be a tech decision, much like hypocritically, ISP's these days block streaming media or P2P for extra cash. It's a business decision that will eventually save or kill the Internet, and to be honest, I see nothing wrong with it. In other words, it seems as though you are for blocking of traffic, and making the internet just another Government-mandated and Gov't-regulated environment? It seems as though that goes against Postel's ideals.
From my perspective, you just want to create big huge firewall, where nothing is allowed, and everything is scrutinized. That's not what the internet is all about. That's not what it was created for. It seems as though we should perhaps no longer call it the "Big Firewall of China", but perhaps, the "Big Firewall of Gadi".
I just am happy there are some people who hold back the tide of the war we already lost, before governments catch up. Even though you are losing credibility amongst your
colleagues around the world?
This isn't meant to be a personal attack against you Gadi, but a wake up call to not change your tune, but to perhaps start singing a different song...the song that actually gets things done. Stop fighting with network operators, and start working with them. That tends to get things done more quickly, and also does not burn your bridges (and credibility) in the process.
I think some of the ideas you have are very good, and others not so good. Either way, you have a good start.
Gadi, I'm not saying to stop doing what you are doing, but perhaps to change around how you go about doing what you are doing, and to stop alienating so many of your other colleagues. Instead of working against groups like nsp-sec and NANOG, start working with them. If you can't get vetted, then work towards getting vetted. Work towards repairing the bridges. Quite a bit of what people see is perception, and right now the perception is one of more of a "panic monkey", rather than a calm, logical, "We should really do this, or else bad stuff like example 1, 2, and 3, can happen, and here's the reasoning behind it." Being calm, logical, and working with other network operators tends to get things done more quickly.
NANOG mods, if I am out of line, I apologize, but I feel as though this needs to be said. I am not trying to do a character assassination, just voice my opinion on the latest network issue. If you have issue with it, please send me an email off list, and we can discuss.