compromised hosts (was Re: Strength in Complexity?)

Perry E. Metzger perry at
Mon Aug 4 15:40:03 EDT 2008

dan at writes:
> The design space for practical network security
> has always been:
>    I'm OK
>    You're OK
>    The Internet is a problem
> A gathering storm of compromised machines, now
> variously estimated in the 30-70% range depending
> on with whom you are talking, means that the 
> situation is now:
>    I'm OK, I think
>    I have to assume that you are 0wned
>    The Internet might make this worse
> Put differently, network security has now come
> close to Spaf's famous line about netsec in the
> absence of host security being assured delivery
> of gold bars from a guy living in a cardboard box
> to a guy sleeping on a park bench.

This is indeed a big new problem -- indeed, I'd say that how you deal
with partially trusted people logged on to untrusted equipment is now
the name of the game.

> BTW, it is probably time to turn off your software's
> autoupdate feature.
> Likely off-topic,

Not entirely. :)

Perry E. Metzger		perry at

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list