[logs] Re: on database logging

From: Mordechai T. Abzug (morty@private)
Date: Fri Mar 23 2007 - 00:19:21 PST

On Thu, Mar 22, 2007 at 11:00:49AM -0400, Marcus J. Ranum wrote:

> Personally I do not think that is possible because of site variances
> in security implementation, site variances in targets and their
> value, and site variances in practices. You can compute long-term
> cigarette-related cancer mortality rates in humans because there is
> a large (but dwindling!) sample of tobacco smokers but that works
> because cigarette smoking affects all smokers more or less the same
> way in large samples.


It's worse than that.  Computer security threats evolve quickly.
Yesterday's risk probability cannot predict what will get announced at
Black Hat tomorrow.  To borrow your health care analogy, imagine what
health insurance would be like if new superplagues evolved many times
per year, had high mortality rates, and attacked specific
cross-segments of the population.

- Morty
LogAnalysis mailing list

This archive was generated by hypermail 2.1.3 : Fri Mar 23 2007 - 07:20:40 PST