[EMAIL PROTECTED] wrote: > And therein is the issue. A year ago, I wrote an editorial where I > made a semi-numeric mostly educated guess that 15-30% of all > home/private systems were already compromised. I got some hate mail > but in the intervening months, Vint Cert said 40%, Microsoft said > 2/3rds, and IDC said 3/4ths.
I seem to recall hearing Cerf say one in four, not two in five. Regardless, the numbers are still shockingly high. > Whatever the true number is, real risk management must now assume > that the counterparty to a conversation stands a good chance of being > 0wned. It goes a lot deeper than brokerages, although it doesn't surprise me that this industry has done a lot of thought about it. In my day job I'm finishing a Ph.D. in computer security, using electronic voting systems as a testbed for research. I am appalled at how often well-meaning people ask "well, overhauling all these DRE machines would cost a fortune, so why not just let people vote from home?" Vote-from-home over the internet is probably going to happen sooner or later in some jurisdiction, if only because it is possible for a vendor to claim huge cost savings and convenience increases. And what do we do once we've turned the machinery of democracy over to a network which is increasingly owned lock, stock and barrel by botnets? In a similar vein, I have two close relatives who are judges. It scares me... I mean, it downright _terrifies me_... that they are unaware of just how many machines are compromised, or the likelihood that their own machines are compromised. Whenever I visit either of them--which I do with some frequency--the first thing I do is scour their PCs for traces of infestation. It's a substantial amount of work, but I would much rather do this than run the risk of a felon's conviction being overturned on the grounds of the judge's PC was part of a botnet and thus we can't trust that the entered opinion was accurate. The implications of botnets are both wide-ranging and bone-chilling. I am quite concerned about the potential impacts of botnets upon the world at large. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
