OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attack

[ Lists Home | Date Index | Thread Index ]

On Feb 5, 2004, at 9:21 AM, Bullard, Claude L (Len) wrote:
> , but the fault lies in the design of the Internet
> itself;  specifically, TCP/IP.  It's another case of 80/20 coming
> back to bite us.
> The web was fielded witlessly.

The Web (or rather the TCP/IP Internet, you appear to mean from the 
context) wasn't "fielded witlessly" it was designed to solve a problem 
that had we ever faced, the Russian malware authors would be as 
radioactively dead as the American male potency enhancement spammers.   
The commercial world jumped on it because TCP/IP works as well for very 
real infrastructure link failures as it does in hypothetical nuclear 
attacks .  As always, Father Darwin had the last word, and the 
monoculture that this success created serves as a fertile ground for 
all sorts of parasites that exploit the lack of 
accountability/tracability/confirmation that are inconsistent with 
TCP/IP's core mission of simply and efficiently routing around points 
of failure.

It may be time to change priorities and either handle routing and 
reliable messaging farther down in the infrastructure or add new layers 
in the middle of the stack so that there can be better authentication 
and accountability at the levels we care about.  Whatever is done, it's 
likely that a new type of parasite will evolve to exploit it -- maybe 
we'll trade the hassles the spammers create for the hassles the 
bureaucrats create, and in 20 years curse the "witless" people who 
created the situation.  Such is life  (and I think the invevitability 
of parasitism is well-known in Artificial Life as well).


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS