Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey
Sorry florian. Meant to put it to list. On 2016-10-09 12:25 PM, Large Hadron Collider wrote:
On 2016-10-09 04:20 AM, Florian Weimer wrote:
* Eliot Lear:
Not my end goal. My end goal is that consumers have a means to limit risk in their home environments, and service providers have a means to deliver that to them. They already have, with today's technology. It's just not a mass-market business. Consumers either have to educate themselves (which is not that hard), and service providers need to provide actual service, instead charging a fee for access to a computer system.
There is little interest in this, however. There's a comparable business case for providing managed PCs to consumers, and I'm not sure if any such companies are still left. I'd wager that after the Indian tech support fucks, they've went like "too risky"
But yeah there's a good case. If I had it in me I'd hire a bunch of people to manage consumers' managed PCs.
I'm not convinced that expected traffic profiles are the right answer. We already have that in the server hosting market, and it does constraint the types of services you can run on hosted servers (for the hosting providers who does this). I'm wary of the network putting severe constraints on application architecture, way beyond what is dictated by current technology. NAT more or less killed servers on consumer networks, and this kind of traffic profiling has begun to kill clients on server networks. The whole point of MUD is to leave control in the hands of those who have developed and have to support Things. It is not simply for the SP to decide what traffic is ok, or to charge more for it, but to respect the wishes of the developers. That may be sufficient to stop a lot of bad things from happening to a lot of Things. Nobody respects what developers want, otherwise we wouldn't have any shipping products at all.
What I'm trying to say: Cutting corners is more often a non-development decision. If you can ship today without any security, or at some unknowable date in the future, with additional security features whose impact may not matter, things usually head for the earlier shipping date.
I used to be frustrated by such decisions, but over the past few years, I've come to realize that most of us have so little data on the effectiveness of security features that mandates for them are essentially arbitrary.
And again, this is the wrong way to look at it. The consumer should always get final say. They're the customer. This is a chance for the manufacturer of the device they're using to explain how the device is supposed to behave on the network. If we want to make consumers to make informed decisions, they need to learn how things work up to a certain level. And then current technology already works.
(Sorry that I'm not inclined to read upon the specs—I do wonder how this an improvement over UPnP.)
participants (1)
-
Large Hadron Collider