On 9/13/13 10:14 PM, Steve Smith wrote:
No... I still think it is like an exception detection/handling
process... enforcement is roughly detection and handling is roughly
courts and penal? Intelligence is more like virus-scanning...
Crimes are punished and criminals contained -- security theater for an
audience that needs to see `something is being done'. But the deed is
already done. In the analogy, the bits have already been written to
disk. Then you have to hunt evidence and then the bad actor from the
evidence (which is to find the signature in the pool of storage).
More modern virus scanners intercept the bad bits before they hit disk
(as they are coming on the network) and don't torture users of the
system as the cops run around looking the same suspects (disk blocks)
over and over and over. Disk heads flying all over the place, I/O
bandwidth saturated and CPUs wasting cycles looking for known-bad
patterns. Like our apparent insatiable need for security, this is a
huge distraction from actually getting work done.
Marcus
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
