"I can agree with all of that. But a dirty little secret of security affairs is that every discipline has its speculators. "

Of course, though mostly it is kept inside of think tanks and organizations dedicated to the specific discipline, like Jane's for instance... I honestly wasn't surprised to see the DoD speculations site, though adding money to the mix is a rather dumb idea - usually professionals in that particular field have reputations and careers to protect, so being right is paramount in the defense analysis field.

OTOH, I think it's a great idea to set up something just like the DoD futures idea, mostly becuase in the IT business, most prognosticators can be relied upon to be dead wrong.

History bears me out here: The world isn't awash in thin clients. The "wearable computer" still hasn't gotten anywhere outside lab. My toaster, fridge, and dishwasher have yet to be networked... not like I'd weant that, but Sun promised it...

In the security field, the same thing applies: You get the rare decent prediction (like the macro troubles), you get overblown howlers (the world didn't end on 1/1/00 @ 00:00:01 GMT, did it?), you get folks duped entirely by hoaxes (Michelangelo, anyone?), and you get folks blindsided by real problems that no one in the prognostcation industry could've predicted (Slammer...)

If you could get these folks to put their money where their keyboards are (figuratively and literally), they would at least take the time to study a situation, and as you've mentioned at least hedge their bets. Right now, what we're seeing for the most part* is a pack of folks blithely typing up whatever they heard from the code-monkeys down the hall, lace it with a few buzzwords, and then go collect the paycheck.


* this drivel is especially prevalent in publications like the ZDNet family, eWeek, et al. SF has for the most part kept above this, but there are the occasional times when one wonders...

/P



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/176/21149#21149