---------- Forwarded message ----------
From: Dave Aitel <[EMAIL PROTECTED]>
Date: Sun, Jun 29, 2008 at 12:49 PM
Subject: [Dailydave] Twitter: (verb) to fail under exponential growth
To: [EMAIL PROTECTED]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Talking with my British friends lately they're all quite obsessed with
trash. For good reason, I assume, since they now have strict recycling
regulations that make the "please sort your trash" Miami Beach and NYC
laws seem as worthless as the paper they wasted making them. In NYC the
landlord theoretically got fined, but if you were up in the morning you
could watch the trash trucks throw the recycling into the same bin as
the rest of the trash. Here in Miami it's more real, but you still
generate a huge amount of trash every week. Essentially it's an obscene
amount of bottles and other things that look different for marketing's
sake. What if, like in DKM's books, everything had the same basic
package? If all beer comes in "bulbs" then you don't need to recycle,
you just need to reuse them.

I don't know if that's ever going to happen, but it's clear that what we
have now is not even close to sustainable. It's a model that fails under
exponential growth, like Twitter or anti-virus signatures.

I've always wondered about the rest of our technology that fails in a
similar way. Why do our application assessment tools not also fix the
bugs they find? If you're trying to buy web application scanning, then
your scanner should also be updating the application to fix those pesky
SQL Injection bugs. Your binary/source analysis tool should be svn
committing patches to fix your overflows. If you have to rely on a
developer to understand the bugs themselves, it doesn't scale. Your
network attack tool should upload and run the right patch
automatically.[1] Does the modern generation of scanners do this?

- -dave
[1] Obviously you can upload a management program like BindView instead,
but this means you have to MANAGE everything, which doesn't scale.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIZ70etehAhL0gheoRAv/ZAJ9KjggIYf8ch5Hnw5Blajlg5U4+6gCZAVwk
WB9QwhyVDqiGFA182Oso9m4=
=nHWH
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
[EMAIL PROTECTED]
http://lists.immunitysec.com/mailman/listinfo/dailydave



-- 
http://ianlawrence.info
_______________________________________________
MetaReciclagem discussion list
Send messages to [email protected]
http://lista.metareciclagem.org
