Hacker News new | comments | show | ask | jobs | submit login

One quote caught my eye:

    He said those employees need to understand malware and techniques for fighting it, such as deep-packet inspection, which involves a very detailed examination of traffic on a computer network.

    They must also have a deep knowledge of what network traffic should look like. "There are probably only 18 to 20 people in the [U.S.] who have those fundamental skills," Mr. Paller said.
His numbers seem WAY off to me. Can anyone support/refute this claim?

Well, the fact that he says "only 18 to 20 people in the [U.S.] who have those fundamental skills" seems bizarre. If only 18-20 people have them, they're not fundamental, they're exceptional. On the other hand, he's pretty vague about those skills specifically. I know a fair number (>> 20, and I'm a recluse) of people who I could imagine implementing some DPI, and knowing "what looks like normal internet traffic" isn't that hard. On the other hand, there aren't that many people doing automated analysis of targeted malware or 0day, in that context his numbers make more sense (but I would stil call them low). It all comes down to tradeoffs and skill levels. You can always set a bar of "having a set of skills" where the skill level is so high that only 20 people have them. But, most companies aren't doing the bare minimum, and security professionals are wiley so it might seem to some like there are only 20 people, because they're all quietly employed or enjoyably semi-employed.

The skills are "fundamental" because the skills are a necessary condition in order to complete the project.

fundamental :

adj. a necessary base or core; of central importance: the protection of fundamental human rights; interpretation of evidence is fundamental to the historian's craft.

<Special Usage>

affecting or relating to the essential nature of something or the crucial point about an issue: the fundamental problem remains that of the housing shortage.

So I see from your profile that you're an admitted contrarian, but I'll bite your troll-bait. I think if only 18-20 people have the skill, then it does not qualify as a "base or core" skill. The fact that a skill is necessary to complete a task does not, to me, imply that it is also "of central importance". Feel free to continue trolling on the matter by yourself.

I'm guessing he's using a fact (factoid?) that there are a small number of people who could recognize Stux in a packet sniff, but that number is much larger of people who could read anomalies out of that same sniff.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact