Longer or more meetings?

Sun, 8 Dec 2002 18:29:09 -0800

> > for myself, while i'd prefer that 802.11b had good security; i'm not that
> > bothered that it doesn't because i use tls/ssh for everything that i do...
> 
> and the 1000+ windows users _at ietf_ who blow their passwords all over
> the net?  and we can watch them get attacked by black-hat sniffers.
> 
> let's get real here.  802.11 WEP blew it bigtime.

and think of all those billions of passwords that cross unencrypted IP
links all the time. 

thus, if i apply your logic:

    let's get real here, IP blew it bigtime (cerf and kahn, those bastards!)

i think not. i think IP solved the right 90% of the problem in the right
timeframe. ditto for wifi.

the problem in using absolutes as examples is that the real-world rarely
simplifies to absolutes. yes, it's preferrable that wifi have groovy
security (if ever the security types would tell us what that was
exactly), but if asked which is better:

	- a world without wifi; or,
	- a world with wifi and non-existent privacy

i'll take the latter without hesitation. and judging by the number of
folks at ietf meetings, who presumably understand the risks, i guess the
market has voted.

/mtr

ps: but this is all moot, 'cause your base argument is that doing things
quickly is bad because bad things happen. sure, in a world of absolutes,
i'll agree. in the real-world however, all these things -- P-A-C-T --
have to be kept in balance. wifi didn't just appear one day. those guys
were working on it for a couple of years. so, there's nothing to suggest
that if they had waited just a few more years that the security folks
wouldn't have shown up to help them out...