Ask HN: Need a better analogy than sniping at goatherders
You may know I've been writing a series of articles which I've been calling "Letters to Dubai" because of the friend who inspired me to write about this set of topics. (http://consulting.m3047.net/dubai-letters/)
I plan to write one about NOD (Newly Observed DNS Domains) on a technical / tactical / theoretical level, but events occurring around me are telling me I need to write two prequels: 1) the industrial complex which preruns your domain and 2) targeting places by targeting people.
See, it's that second one. An uncomfortable topic. It is what's happening though: indicator of compromise vendors target infrastructure and they should know (unless they're incompetent liars, which some of them are) who operates that infrastructure. But that word "operates" suffers from category confusion (https://en.wikipedia.org/wiki/Category_mistake): I operate a server, but I do not Operate the infrastructure which ultimately connects that server to the internet.
In the cases I'm seeing it's that infrastructure Operator who should be targeted at proportionate scale, but what they're doing instead is sniping at goatherders who went to get water from the well the same as they'd always done before the Operator moved in.
Who's got a better analogy? Happy to credit the analogy or analogies I use.
5 comments
[ 3.6 ms ] story [ 16.9 ms ] threadI guess that's part one, because part two would be that neither the PaaS or the people doing bad things to them inform these innocent third parties: there's no "declaration of war" between the PaaS and soi disant defenders, no signage, and no bodies because they're sniping with heavy weps which vaporize the bodies.
Edit: It could also just be "broken windows", they shot up the place and moved on, but the soi disant defenders are still shooting at survivors going to the well.
Thanks for letting me clarify.
As for analogies, some launch points...
- "one bad apple spoils the bunch"
- something about bad neighbors
- leading horse to water
- poisoning the well
Have you tried brainstorming with an LLM?
Let's stop talking about bad actors. The people doing the sniping think they're defenders. The PaaS is staffed by mostly well-intentioned people but they're poorly managed and they keep getting called to work on features instead of fixing vulnerabilities.
> Have you tried brainstorming with an LLM?
Maybe we should just move on.
Let me also clarify and re-iterate: the people doing bad things to the innocent third parties aren't the bad people, it's the soi disant defenders who are shooting at them.