Imagine you are in an enclosed space. It starts to flood. As the water level rises, the amount of oxygen you have available falls. Unless it stops flooding, eventually you will have no oxygen at all.
So, the CPU, RAM, diskspace, and network bandwidth of your machine, as well as limits imposed by integer math, are the enclosed space. Those specify the finite processing limits of your machine. Malware is the flood. Oxygen is what's left in your enclosed space/machine, once your malware defences have run. Malware is flooding at 243% (+/- error). This is consuming the oxygen in your machine. You can enlarge your enclosed space, with hardware upgrades, but that's not stopping the flooding. Eventually you will find it's not possible to upgrade the machine (usually a software dependency of some kind). At this point the machine will run slower and slower. Your alternatives will be to disconnect the machine from the internet, and partially/completely disable malware filters; or to replace the machine. As you can see you're spending money on upgrades and replacements, and losing productivity and/or capabilities (eg. internet access). Meanwhile, the malware is still flooding into your enclosed space. Every second that goes by, the rate of flooding increases. Your boss is screaming at you for spending a zillion on hardware. Your users are whinging because everything is running like a dog. Your support staff are running around constantly fixing machines on which the AV has failed (yet again) to stop the latest 0-day variant. Your company's customers are livid because you had to tell them you had a trojan on an accounts machine and their credit card data is now on the web. Your wife has the hump because you're never home, except in a bad mood, your kids think you are a boarder, and the dog hates you because you never take it for walks anymore. And you now need to go to your boss and ask for more money for more upgrades. What are you gonna do? Are you going to let your IT run like this forever? Do you think your boss will like it when you ask him for more budget? What is your long-term strategy for fixing this problem? Stu On 16 May 2010 at 19:08, Thor (Hammer of God) wrote: From: "Thor (Hammer of God)" <t...@hammerofgod.com> To: "full-disclosure@lists.grok.org.uk" <full-disclosure@lists.grok.org.uk> Date sent: Sun, 16 May 2010 19:08:26 +0000 Subject: Re: [Full-disclosure] Windows' future (reprise) > The error in your overall thesis is your failure to identify the difference > between threat and risk. You are interacting with Symantec's report of "x > new threats" as if it actually means something, or more specifically, that > these new threats somehow translate into some new level of risk. They don't. > > According to Stephen Hawking, there are new threats emerging based on the > statistical probability of the existence of aliens. Therefore, a "threat" > exists where I may be struck in the head by a falling block of green alien > poo, frozen in the atmosphere after being flushed out by a passing > pan-galactic alien survey ship. However, the actual *risk* of me being hit > in the head while walking to a matinée of The Rocky Horror Picture Show > doesn't dictate that I apply a small mixture of Purell and Teflon to my > umbrella and fill my squirt gun with alien repellent. > > The risk of me personally being struck by falling alien poo is *far* lower > than the risk of any one of the almost 7 billion people on the planet being > struck by falling alien poo. You may be able to calculate the risk of my > being poo'd in relation to any given human being poo'd, but no level of math > will allow you to determine what my or any other person's individual chance > of being poo'd is. > > Your argument would call everyone to change the way they protect themselves > from falling alien poo out of the mere existence of a threat without really > qualifying the associated risk. That does nothing for anyone, and would only > cause a rise in the cost of umbrellas and squirt guns and would probably > result in the theater putting the kibosh on Rock Horror completely and > charging people to watch Born Free. (Insert clever association of "Born > Free" with "free" open source products here. See what I did there?) > > Further, the basis of this "threat" is that you would actually have to trust > what Stephen Hawking is saying in the first place. In his case, there really > isn't any way to know that he's the one saying it, is there? For all we > know, the ghost of Carl Sagan could have hacked into his computer and has > made Mr. Hawking's requests to have his Depends changed translated into "run > for your lives, the aliens are coming, the aliens are coming" when his > computer talks. > > My point is that you are taking threat statistics from Symantec that don't mean anything on their own, as there is no definition of how those threats would apply to any given system, and directly converting them into some global level of risk - and you are doing so to such extremes that you actually conclude that the solution is to do away with Microsoft products based on some unproven and imagined postulate that closed source is somehow at the core of the issue while at the same time admitting you don't know anything about the platform. The fact that you are actually using Windows and programs written with Visual Studio out of convenience to you critically damages your argument. If you as the author of this idea refuse to migrate from Windows or applications written with Windows development products and frameworks just because it is *not convenient* for you, how could you possibly expect anyone supporting any infrastructure of consequence to take your advice or even consider your ideas as anything other than hysteria when they would have to engage in unfathomable expense, effort and time to create a total and complete paradigm change in their business simply to try to defend against being hit by falling alien poo? > > t --- Stuart Udall stuart a...@cyberdelix.dot net - http://www.cyberdelix.net/ --- * Origin: lsi: revolution through evolution (192:168/0.2) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/