Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!SAIC.COM!little From: little@SAIC.COM (Mike Little) Newsgroups: comp.protocols.tcp-ip Subject: Re: the worm and internet security Message-ID: <8908091555.AA01443@ASLAN.SAIC.COM> Date: 9 Aug 89 15:55:53 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 14 John Polstra wrote and suggested an annual security rodeo for major vendors with visitors and press to record the results. Winners likely get to bake the losers through marketing ads. I'd like to point out a problem with this scheme: the systems brought to the competition are not necessarily those I buy. One would need to employ a stock car racing analogy, where some modifications are allowed - change default passwords, locate machine as "standard" (and what would THAT mean?) host on a network, etc. At some point what becomes allowed is beyond what you or I would do as an administrator; at which point the purpose is forgotten in favor of the competition and the trophies. However, I agree the approach is time tested. Competition is an age old method of determination; perhaps the challenge here is to determine the appropriate contest(s). -Mike