[Dailydave] Have Data will Travel/Make Policy Decisions
Dave Aitel
dave at immunityinc.com
Wed Dec 2 09:56:13 EST 2015
So yesterday I was listening to this great talk from UC Berkley's
Oppenheimer series [1] where he says a number of hilarious things. For
example, he says "Obviously the question of what happened before the Big
Bang (which created SpaceTime) makes no sense, since the equations don't
allow time to go negative. It makes no sense at all to ask what happens
at time -1, for example. But yet. People keep asking the question.
<shrugs in a very Russian way>" and "A lot of the things we see around
us beg hard questions such as 'Why isn't the universe spinning around an
axis? Galaxies have an axis, our solar system has an axis, and I don't
mean a group of countries, but why when we look at the universe do we
see the same number of galaxies in every direction? Where is the axis?"
In any case, I'm about to dial into the NTIA meeting today. And it's
interesting to see the documentation provided this time around which has
various questions in it about vulnerability density. They're not going
to solve any problem in that area. Or even approach a "Statement of
Principles" on it. Because nobody in that room has the data to make any
valid decisions or models about it. They're doing astronomy without any
telescopes. It's all hypothetical questions about the nature of the
Universe.
One of the lessons you get from science is of course: EVEN IF YOU HAVE
THE DATA THE ANALYSIS IS SUPER HARD WORK.
In summary: If you're making models, algorithms, or policy decisions on
"0day", but you have NO DATA, then you're doing astrology, not
astronomy. Astrology, as any girl's Tinder profile will tell you, can be
good marketing. But it should be left out of governance.
-dave
[1]: This dude is incredibly funny like most Russians.
https://www.youtube.com/watch?v=qlHvQLxb4cw
[2]:
https://www.ntia.doc.gov/other-publication/2015/multistakeholder-process-cybersecurity-vulnerabilities
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20151202/829d43b1/attachment.sig>
More information about the Dailydave
mailing list