SV: SV: CPE Residential IPv6 Security Poll

Ted Mittelstaedt tedm at ipinc.net
Wed Sep 28 21:18:16 CEST 2016 

This is a flawed "argument of futility"

The reality is that people are fundamentally lazy -
if they were hard workers and industrious they wouldn't be
trying to make a living off the backs of other people's work.
They wouldn't be stealing and the ones not stealing wouldn't be
taking the lazy way out in a debate and using faulty logic.
Nor would they be trying to use IPv4 because it's simpler
to understand, instead of using IPv6 - which is the reason
this list exists in the first place.

Because of this we know criminals will always take the easiest way
into a system first.  When that way gets closed off then they will
take the next easiest way in, and so on and so on.  Crime is
one of the most logical businesses in existence - it's immoral
as hell - but you have to respect the logic of a bank robber -
where else do you get $20,000 for 20 minutes of work?

As a result, securing an open system generally happens through
the mechanism of you close a hole then another is discovered and
you close that one and another is discovered and so on and so on.

People who are not well versed in security,
as they see hole after hole closed, they tend to get the idea
that holes are endless.  Thus, enters in the "argument of futility"

What they don't understand is that every time a security
hole is discovered it makes it harder and more expensive to attack
the next one.

Because the entire point of crime is laziness, the issue isn't whether 
or not we can create an impregnable system.  We cannot do that.

The issue is can we make a system that is difficult enough to
break into that the effort of breaking into it is greater than
the effort of just getting a real job and making money the old
fashioned way - by EARNING it, rather than stealing it.

It is easier to attack a system directly that is exposed then
it is to attack that system via proxy.  Everyone on the Internet
who produces devices that are used on the Internet has a
responsibility to close holes they create - but they also have a
responsibility to make it difficult for crackers.

The web browser makers use
technology like Smartscreen Filter, Phishing and Malware Protection,
Block Attack Sites & Web Forgeries to try and do their part, the
CPE makers need to do their part, and last and most importantly,
all of us need to continue our efforts to try and educate Ma and
Pa Kettle not to click on the Make Money Fast, schemes.

Ted

On 9/27/2016 12:54 PM, Gert Doering wrote:
> Hi,
>
> On Tue, Sep 27, 2016 at 05:06:54PM +0900, Erik Kline wrote:
>> So lowest common denominator it is then.  Of course, any user's home
>> device can be infected through a web page and become part of a botnet.
>
> Nah, of course not.  Viruses and such never spreads through mail, or
> users clicking on things.
>
> We've heard a long and elaborate explanation that Firewalls on CPEs will
> protect IoT devices, so it must be right!
>
> *sigh*
>
> Gert Doering
>          -- NetMaster

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

More information about the ipv6-ops mailing list