The False Positive: Still tomorrow’s mistake!


By Richard Moss | Jul 2, 2009 | 1214 reads

The topic of the 'false positive' has always been an issue for the security profession and the subject has been in the news again recently; last week, following the announcement of Michael Jackson’s death, Google News found its website so inundated with page requests that its security systems and [human] analysts mistook the legitimate traffic for a denial of service attack – so convinced were Google that they disconnected the news site for a short period of time.

Closer to home, the mainland’s deployment of the controversial content control software ‘Green Dam’ has generated numerous press articles and criticism. Staying on the subject of false positives, a story that brought a wry smile to my face last week was ‘Green Dam’ blocking internet downloads of pictures of pigs (those filthy swine, always making the news somehow).

The software can be used for multiple purposes but is reportedly designed to target online pornography by scanning images for key attributes of pornography and apparently an excess of pink colored areas is one of those – so presumably the excess of pink pig flesh caused Green Dam to block downloads of pig pictures. 

This of course raises questions of how popular pig-picture downloads are in mainland China, but perhaps that’s a topic for another blog.

But let’s be honest with ourselves: the expression “false positive” is just another way of saying “mistake” – a mistake where legitimate email, content or applications have been incorrectly blocked in the name of security when they shouldn’t have been. And it's really hard to get this bit right - anyone involved in the deployment and tuning of an IPS system can tell you just how time-consuming and laborious the effort is in getting a complex security system tuned to the behavior of the enterprise and to accurately reproduce and solve any problems when they arise!

Furthermore, as much of an enterprise’s security requirements are outsourced today (think anti-virus, SPAM control, managed security services), the reporting requirements to a 3rd party vendor can become quite onerous and need to be very specific or there is little they can do to help.

However, the false positive is not a new phenomenon; yet it is one that has not successfully been resolved over the past few years - although the industry might argue that great improvements have been made in the area (an example being the accelerated deployment of IPS over the more widely accepted IDS systems of the past, although I would argue that IPS deployments still block traffic in a limited fashion, sort of an IDS+ rather than a true IPS!).

 
 

Information on Blogger

richard
Based in Hong Kong, Richard Moss is a Chartered Engineer registered with the Engineering Council in the UK and a member of the Institution of Engineering and Technology (CEng MIET) as well as the International Compliance Association (MICA). With 27 years' experience in the communications industry, 17 of which have been spent in Information Security, Richard is the Managing Director at eBorders, a business solutions company enabling secure collaboration within, and between, enterprises, and former General Manager and Head of BT's Business Continuity, Security & Governance Practice in Asia Pacific.