Mike Rothman fires back

Mike Rothman called me a joker trying to sell security as an enabler. (I’m actually not selling anything.)

Unfortunately the arguments used by Mr. Rothman are not very analytical: “I assure you Mr. Belva, your examples of trying to quantify how worms, viruses, etc. “weaken trust” will end up on the scrap heap like all the others. Nothing personal, but I’ve seen this movie – it seems like hundreds of times. And it always ends the same.”

Mike, if you read the paper linked in the blog you would see the focus is not on worms and viruses or even quantifying them!

You also write: “I focus on what works. And this doesn’t.” Do you really believe that DRM doesn’t work?

Mike, you can read the paper here.

It encouraging to know that other information security professionals understand the paper. Here is an example of a post from full-disclosure.


  1. Mike Rothman Sep 25, 2006 at 9:52 pm | Permalink

    You may not like how I characterized your report in my 100 word snippet. Oh well. There’s not a lot of room for very “analytical” responses. My readers are looking for quick, hard hitting opinion – not long-winded quantiative analysis. I guess that’s what guys like you do.

    My interpretation of your approach is that you are trying to help people quantify how security is an enabling technology, no? And you come to the conclusion that DRM is the answer? I did read your paper, though not in depth because I found it plodding and boring. But that’s me.

    Now most people, who receive a tremendous amount of visibility by being mentioned in my blog and newsletter (whether positive or negative) usually say thanks. My readers can figure out whether they agree with your approach themselves. That’s why I always include the links.

    Good luck evangelizing your approach. Just because I don’t agree with it, doesn’t mean other like-minded folks won’t. All I have is my opinion and I stand by it.


  2. Kenneth F. Belva Sep 25, 2006 at 10:18 pm | Permalink


    Well, I hope we have mutual respect here.

    I respect your hard hitting opinion. But I hope you also respect my hard hitting response.

    While I could continue hitting — on characterizing me as an evangelist, the difference between quantitative and qualitative analysis, the fact that I use DRM to support the Virtual Trust theory (rather than that be “the answer”), etc. — I won’t. I’m not going to get into a petty shouting match.

    Thanks for reading my paper, writing your blurb and linking to my site.

    Perhaps there will be a time when there will be a more collaborative effort between us.

    I can respect the fact that you disagree me. I hope you respect the fact that I disagree with you.

    I hope you’re not offended that I put the boxing gloves on and took a swing.

    Perhaps we can spar in the future.


Post a Comment

Your email is never published nor shared. Required fields are marked *