[RndTbl] wireshark warning
john at johnlange.ca
Fri Jan 17 09:51:42 CST 2014
And ultimately, Wireshark is WAY to much of an essential tool to not use
it, regardless of the risk.
Like driving, it may be the most risky thing I do every day (especially
yesterday), but I still have to go to work.
On Fri, Jan 17, 2014 at 9:36 AM, Adam Thompson <athompso at athompso.net>wrote:
> On 14-01-17 08:36 AM, Sean Walberg wrote:
>> If you still like reading, https://research.microsoft.
>> com/en-us/people/mickens/thisworldofours.pdf is actually pretty funny.
>> There are a few themes, but the relevant one is "your security measures
>> depends on your adversary. If the Mossad wants your data, there's nothing
>> you can do. A good password is enough to keep your ex-boyfriend out of your
>> computer though"
> Thank you for that link, the reading of which made me snort a carbonated
> beverage out through my nose!
> If you are reading this message in the first place, you are not the
> majority. You are not a significant minority. You are not a visible
> minority. You are not the 1%. You are not the 0.1%. You are probably not
> even the 0.01%, you're more likely [collectively part of the tier that is]
> 0.001% of the world's population.
> If you have everything triple-encrypted, you're defending against 0.1% of
> the 0.001% - someone who simultaneously has the skills to defeat ordinary
> passwords and good computing hygiene *and* cares about your data *and* is
> willing to do illegal things to access it. In other words, you're spending
> a measurable portion of your day defending against, roughly, one or two
> other persons in the world, and you don't even know who they are.
> If you don't have an alarm system, a fog system, exploding dye packets
> scattered randomly throughout your belongings, several guard dogs, bars on
> your windows, and 24x7 CCTV coverage of your entire property to prevent any
> and all unwanted intrusions to your home... then you're not defending
> against 0.1% of the other 99.999%, which is a much more common and likely
> threat than the Mossad wanting your data. We now know the NSA does want
> your data, but mostly in a very impersonal way - kind of like an obsessive
> collector, they simply feel the need to have everything for the sake of
> having it. I'm unsure if the Mossad wants everyone's data in the same way,
> but both organizations are perfectly capable of hiring some local criminal
> (that's the 0.1%) to break into your house and steal your computer.
> On the other hand, the "organized crime" threat category is, IMHO, a bit
> more dangerous than the author posits - that's not a huge bin of people,
> but they do cast a very wide net, and you're now relying on 99% of the
> 0.001% to apply common sense when building and configuring *their* servers,
> and we know that simply doesn't happen consistently.
> Ultimately, I configure my systems correctly, I assume the vendors I rely
> on aren't complete idiots (until proven otherwise), I don't (usually) do
> blatantly stupid things online (usually, I said), and beyond that, I
> *choose* to Not Worry About It, and I spend my life doing more interesting,
> entertaining and pleasurable things.
> Or, in reference to what James Mickens wrote: "what he said". :-)
> -Adam Thompson
> athompso at athompso.net
> Cell: +1 204 291-7950
> Fax: +1 204 489-6515
> Roundtable mailing list
> Roundtable at muug.mb.ca
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Roundtable