"...computer networks, particularly the Internet, can be thought of as having immune systems that are strengthened by certain attacks. Exploitation of security holes prompts users and vendors to close those holes, vendors to emphasize security in system development, and users to adopt improved security practices. This constant strengthening of security reduces the likelihood of a catastrophic attack"
This is yet another facet of considering computer/Internet security as an economics problem rather than just a technical one. The idea is that computer security needs to be considered in terms of various parties negotiating their own needs and incentives. In practice, sub-optimal solutions are the norm in companies due to the politics inside of an organization. I like to think of it like a big multi-party negotiation where the various parties try to draw up the pie in their own interests and where technology and good negotiations can expand it.
As for whether sustained computer attacks will make a system more secure - at least it should realign incentives and parties' perception of danger, which should redraw the pie.
No comments:
Post a Comment