(page 2 of 3)
Interview with Marcus Ranum
Federico Biancuzzi, 2005-06-21

Story continued from Page 1

If a standard protocol is broken or insecure, what is the best solution? Maybe supporting only some features or adding a crypto layer?

If it's broken, adding crypto just makes it broken and hidden.

If a standard protocol is broken, the best solution is to deprecate the standard and use something else. Just fix it and move on. It's not like standards are some kind of holy writ; nobody is going to be punished for ignoring bad standards, right? Remember the ISO networking protocols? Too late, too complicated, and everyone said "no thanks." We can do the same, and we should.

Big customers should feel empowered to tell vendors (or standards committees, for that matter), "Nope. That sucks. No money for you, until you fix it." The customer is always right.

Have you ever chosen to avoid a protocol because you considered it completely broken by design?

All the time. I avoid 90% of the current internet protocols. It's a hard fight, though. When I was CTO of one company I kept having to fight to keep our sales team from using those stupid, "remote control your PC to give a customer demo" technologies. What kind of customer would give a vendor's sales rep control of their desktop? But people keep/kept asking for it. Eventually, these problems migrate from being technical problems to political problems, and then security goes out the window.

What about WiFi?

I waited for 8 years until the technology was fairly sorted-out before I spent any of my money on it. So, unlike all the "early adopters" who bought wireless access points with buggy crypto and huge security holes, I got something fairly decent for under $100, and it supports WPA which, by all accounts, is pretty good.

Sometimes, patience is a terrific strategy. Wait and see what happens to the early adopters. If they're all getting hacked to pieces or spending tons of money on patches and upgrades and fixes to the stuff they bought - then it's not ready, yet. This seems obvious to me, but a lot of very senior IT managers don't appear to understand it. The longer you wait the more desperate the vendors will get, and, if you can articulate your requirements clearly, the more likely they'll listen to you.

Do you see any new, interesting, or promising path for network security?

Nope! I see very little that's new and even less that's interesting. The truth is that most of the problems in network security were fairly well-understood by the late 1980s. What's happening is that the same ideas keep cropping up over and over again in different forms. For example, how many times are we going to re-invent the idea of signature-based detection? Anti-virus, intrusion detection, intrusion prevention, deep packet inspection - they all do the same thing: try to enumerate all the bad things that can happen to a computer. It makes more sense to try to enumerate the good things that a computer should be allowed to do.

I believe we're making zero progress in computer security, and have been making zero progress for quite some time. Consider this: it's 2005 and people still get viruses. How much progress are we making, really? If we can't get a handle on relatively simple problems such as controlled execution and filesystem/kernel permissions, how much progress are we going to make on the really hard problems of security, such as dealing with transitive trust? It's 2005, and IT managers still don't seem to know how to build networks that don't collapse when a worm gets loose on them. Security thinkers realized back in the early 80s that networks were a good medium for attack propagation and that networks would need to be broken into separate security domains with gateways between them. None of this is rocket science - I think that what we're seeing today is the result of this massive exuberance in the late 1990s in which everyone rushed to put all their mission-critical assets onto these poorly protected networks that they then hooked to the Internet. That was a dumb idea, and that fact just hasn't sunk in, yet.
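The two ideas in that answer, "enumerate the good things a computer should be allowed to do" rather than the bad ones, and splitting a network into security domains with gateways between them, can be made concrete with a small policy simulation. The following is an added example written for this edit, not code from the interview or from Marcus Ranum; the zones, ports and sample flows are constructed for illustration. It evaluates the same constructed traffic under a default-permit policy (block only known-bad signatures) and a default-deny policy (permit only the inter-zone flows the business needs), then asks how far a worm using a port that has no signature yet can spread across the gateways under each policy.

```python
"""Default-permit (enumerate badness) vs default-deny (enumerate goodness) at zone gateways.

Added example; zones, ports and traffic below are constructed, not taken from the page.
"""
from dataclasses import dataclass
from typing import Callable, Iterable

@dataclass(frozen=True)
class Flow:
    """One connection attempt crossing a gateway between two security domains."""
    src_zone: str
    dst_zone: str
    proto: str
    dport: int

Policy = Callable[[Flow], bool]

# Constructed sample traffic: every flow crosses a zone boundary, so a gateway sees it.
TRAFFIC = [
    Flow("office", "dmz", "tcp", 443),       # desktops reaching the web proxy
    Flow("dmz", "internet", "tcp", 443),     # proxy fetching pages
    Flow("dmz", "internet", "tcp", 25),      # mail relay sending outbound mail
    Flow("office", "finance", "udp", 1434),  # a worm whose signature we already have
    Flow("office", "finance", "tcp", 445),   # a worm nobody has a signature for yet
    Flow("office", "finance", "tcp", 5900),  # "remote-control your PC" tool
]

# "Enumerate badness": block what we have signatures for, permit everything else.
# (Hypothetical signature list for the example.)
KNOWN_BAD = {("udp", 1434), ("tcp", 135)}

def default_permit(flow: Flow) -> bool:
    return (flow.proto, flow.dport) not in KNOWN_BAD

# "Enumerate goodness": the only inter-zone flows this constructed business needs.
ALLOWED = {
    ("office", "dmz", "tcp", 443),
    ("dmz", "internet", "tcp", 443),
    ("dmz", "internet", "tcp", 25),
}

def default_deny(flow: Flow) -> bool:
    return (flow.src_zone, flow.dst_zone, flow.proto, flow.dport) in ALLOWED

def passed(policy: Policy, traffic: Iterable[Flow]) -> list:
    """Flows the gateway lets through under the given policy."""
    return [f for f in traffic if policy(f)]

def worm_reach(policy: Policy, infected: str, zones: Iterable[str],
               proto: str, dport: int) -> set:
    """Zones a worm starting in `infected` can reach over one port via the gateways.

    Transitive closure: each newly infected zone attacks every other zone in turn,
    which is exactly the propagation the separate-domains design is meant to stop.
    """
    zones = list(zones)
    reached = {infected}
    frontier = [infected]
    while frontier:
        src = frontier.pop()
        for dst in zones:
            if dst not in reached and policy(Flow(src, dst, proto, dport)):
                reached.add(dst)
                frontier.append(dst)
    return reached

ZONES = ["office", "dmz", "finance", "internet"]

if __name__ == "__main__":
    for name, policy in (("default-permit", default_permit), ("default-deny", default_deny)):
        ok = passed(policy, TRAFFIC)
        spread = sorted(worm_reach(policy, "office", ZONES, "tcp", 445))
        print(f"{name}: {len(ok)}/{len(TRAFFIC)} sample flows permitted; "
              f"tcp/445 worm starting in office reaches {spread}")
```

The denylist stops only the flow it already has a signature for; the unsigned tcp/445 worm and the remote-control tool both pass, and the worm can hop from office through every gateway. The allowlist never needed a signature: nothing in the business case calls for tcp/445 across a zone boundary, so the worm stays in the zone where it started. The cost is the one the interview alludes to: somebody has to be able to articulate what the network is for.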

Story continued on Page 3 



Federico Biancuzzi is a freelancer; in addition to SecurityFocus he also writes for ONLamp, LinuxDevCenter, and NewsForge.
Copyright 2010, SecurityFocus