Don't even get me started on security vendors peddling "Intrusion Prevention Systems" (IPS) like they're some kind of silver bullet cure for all security ills. I'd like to see some of those vendors taken to court on a Trade Practices Act . . .

Don't even get me started on security vendors peddling "Intrusion Prevention Systems" (IPS) like they're some kind of silver bullet cure for all security ills. I'd like to see some of those vendors taken to court on a Trade Practices Act violation for misleading and deceptive conduct. Sure, IPS are starting to show some promise in detecting and preventing some types of attacks, and there's some adequate heuristics code being bunged into them, but even calling them an Intrusion Prevention System is, in my opinion, misleading.

My all-time favorite was an Intrusion Detection System company that claimed to use artificial intelligence ("I'm afraid I can't do that, Dave") to detect attacks. Of course the vendor--through its PR agency--wouldn't provide me with any more detail on how the thing worked without getting me to sign a non-disclosure agreement. Sounds great. Hate to burst your bubble, Mack, but I'm a journalist--my job is disclosure.

The link for this article located at ZDNet is no longer available.