[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

Dobbins, Roland rdobbins at arbor.net
Sat Nov 9 13:47:46 EST 2013 

On Nov 9, 2013, at 8:30 AM, Geordie Guy <elomis at gmail.com> wrote:

> 1) It's not an ad hominem. I wasn't attacking his person, I was revealing that I was having trouble understanding why he would hold the position he was advocating until I did some brief research that suggested that he is professionally directly involved in a business model which would likely need to be completely rethunk with what the IETF are proposing.  Network security vendors are weird in that they often play both sides of the argument, helping enterprises secure their information from prying eyes, and also prying into information under the auspices of some wider security and safety issue. Maybe it's a symptom of their spy and resisted being spied-upon government variants, but none of it is news.  As Mark pointed out, "as if millions of DPI vendors voices..." etc etc.

I'm speaking only for myself, not for my employer.  That is *always* the case, unless I explicitly note otherwise.  

I don't care about DDoS and availability because I work for Arbor - I work for Arbor because I care about availability and DDoS.  I left my previous employer to work for Arbor when it became apparent that I could no longer make meaningful progress towards my personal goals of increasing the state of the art of availability technology and operational practices while remaining at my previous employer.  I chose my current employer based upon my own interests and goals, rather than the other way around, and I've always done that throughout my entire career.

I've a long track record in the industry as someone who is concerned with security for the Internet at large, and not as a vendor shill.  A bit more research might've led you to discover that fact.

For example, see 22:55 - 23:33 of this video:

<https://ripe67.ripe.net/archives/video/13/>

I'm all in favor of re-thinking business models and operational practices.  However, when I see folks doing things in the name of 'security' (like putting stateful firewalls in front of servers) which don't help and actually negatively impact their security posture, I speak out.

I'm completely uninterested in preserving existing business models.  I'm very interested in a) preserving the ability to maintain availability and b) solving the actual problem of pervasive governmental surveillance, rather than ineffectually scrabbling away at the symptoms, and doing so in a way that will make both the symptoms and the actual underlying problems worse, not better.

I'm a technologist by trade and by inclination who understands that there are some problems that technology simply can't solve.

And that's enough about me.

;>


-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the AusNOG mailing list