December 20, 2002

Monitor Everything

If you monitor a huge ecosystem over time, I believe your ability to identify anomalous behavior in real time decreases as the size of the ecosystem grows - especially if you can store more data than you can process. The data that you can not process, you can not monitor. Correct? Someone tell me if I'm nuts.

The NY Times reported today that the Bush administration wants to monitor the Internet. Perhaps they should just go buy Counterpane and then force every major service provider to provide hooks into Counterpane's monitoring devices - or perhaps provide some sort of standard data feed to Counterpane.

Aside from all the privacy noise on this one - I expect we will need to see some serious research into detecting anomalous behavior. Stay tuned, this one might get interesting.

Posted by Abner on December 20, 2002 01:58 PM | TrackBack
Comments ARE BROKEN Send email instead - Thanks!


Recent Entries
iPhone's SIM Locks: Hardware vs. Software vs. Lawyers
Even (or especially) contests could use a security review
Vendors Responses: Voting Machines and the Pwnie Awards
Dude "Security Rocks"
iPhone Wi-Fi Vulnerability
Harry Potter Security
iPhone Hacking & Fustrations
Let the iPhone Hacking Begin
Geer heads to Washington, Again
This Just In: DRM still doesn't work
L0pht
Phishing meets Internet Advertising
How long to unlock the iPhone Operating System?
Predictive Markets For Politics
The Irony of Phone Security Google Ads
Why Biometric Fingerprint Readers Are A Waste
How to Blag an Interview
Yet another Boston marketing flub
MAC vs. Vista Security
The latest in physical security
Data Loss Archive
Guerrilla Marketing Backfires in Boston
Hackistan
NY Times on the "Market" For Software Vulnerabilities
Not marketing security, marketing *during* security