penciling_in writes: There are no silver bullets in Internet security, warns Paul Vixie in a co-authored piece along with Cyber Security Specialist Frode Hommedal: “Just as ‘data’ is being sold as ‘intelligence’, a lot of security technologies are being sold as ‘security solutions’ rather than what they really are: very narrow-focused appliances that, as a best case, can be part of your broader security effort.” We have to stop playing “cops and robbers” and pretending that all of us are potential targets of nation-states, or pretending that any of our security vendors are like NORAD, warn the authors.
Vixie adds, “We in the Internet security business look for current attacks and learn from those how to detect and prevent those attacks and maybe how to predict, detect, and prevent what’s coming next. But rest assured that there is no end game — we put one bad guy in prison for every hundred or so new bad guys who come into the field each month. There is no device or method, however powerful, which will offer a salient defense for more than a short time. The bad guys endlessly adapt; so must we. Importantly, the bad guys understand how our systems work; so must we.”
Read more of this story at Slashdot.