Timeline and forward look at security countermeasures
by Andy Oram
William Hurley has just put up a justification of the field of network
security countermeasures (a term he clearly prefers to the term
critics like to use--"vigilantism") along with a
Like most people interested in pushing forward technology, I have
often been interested in those who try things that other people say
shouldn't or couldn't be done. That's what led me to
early P2P filesharing systems
in 2000, for instance. I was interested then in the technical and
social movements Gnutella and Freenet represented, not the particular
usage of avoiding the legal ramifications of sharing files.
Countermeasures of the types Hurley describes (rather than some of the
crude and immature attacks promoted by others) look like another such
fertile area. The social interaction component, as with P2P, is
fascinating. Hurley is trying, through the open-source
to develop a completely transparent way to identify and protect
against attackers, and to get people around the world to collaborate
on this project. He's even approached the Apache Foundation for help.
There's a lot of talk about who can ensure security in our
society--and it's not generally the authorities. I put forward the
idea in 1998 in an article titled
Hygiene, Not Cyber Fortress Protects Our Networks. Isn't OpenSIMS
thinking along the same lines?
what was his blog entry actually saying?
Did he say anything new in this entry? It seemed more like he was just saying "ahh, a year ago I stirred up some trouble."
Incubator isn't necessarily help
Just a small semantic point Andy, any project with a compatible license can propose themselves to the ASF Incubator. The Foundation will "help" people adhere to the community guidelines so that once they graduate from the incubator they resemble other ASF projects (open development + meritocracy, etc.) So, proposing that a project enter the incubator is less an instance of someone asking the ASF for help and more a formal process for an external (or new project) to be considered a subproject or project of the Foundation. Yeah, I know, that's not the best explanation. :-) Andy, I'm always taking issues with your semantics, don't take it the wrong way. - Tim O'Brien