Ask Security/Cryptography Expert Paul Kocher

Paul Kocher is unquestionably one of the highest-profile computer and network security experts around. He's president of Cryptography Research, Inc. and one of the architects of SSL 3.0. The floor is now open. Please try not to ask questions that can be answered with a few minutes' worth of online research. We'll post Paul's answers to 10 of the highest-moderated questions soon after he gets them back to us. Update: 03/13 18:18 GMT by M : Let's try this one more time, this time with feeling.

Question

How do you sleep at night knowing your products protect terrorists, child molestors, and pirates?

I'm guessing you piss the bed often...

Protecting against DDOS

[rf0]

What is the best way to protect against DDOS? Going from what I have seen there have been a number of ideas such as getting any inbound routers to check that they have a path for any incoming packets and Filter RF1918 address space. Also rate limiting helps but none seem to be a total cure. What else can be done?

-1 Flamebait ?

[sdjunky]

Ok. I guess the mod missed the point that it was to be "humorous".

Ah well.

Can we eat yo

[unborn]

Mr. Kosher?

mod flaw?

[ebonkyre]

Slashcode didn't throw up a warning like "you've already moderated in this thread - it will be lost if you post to it" or something? Sounds like an improvement could be made here. I know the instructions tell you this will happen, but obviously accidents do happen; while repeated "are you sure?" messages tend to get annoying as software tries to protect people from themselves, the warning could be disabled in one's profile...