That's where my analogy breaks down -- but you're being victimized
largely because of bugs in code other people run. I stand by my
statement: most of the security problems we have on the
Internet are due to buggy code. (If you want to stretch the analogy,
imagine a bogus newspaper report that stimulates uncritical readers to
withdraw their money. It's called a run on the bank, and it's every
bit as much a denial of service issue as excess packet floods -- bank
runs are transaction rates much greater than what the (financial)
system was designed to handle. And when they're triggered by false
rumors -- well, you get the picture, and my metaphors are stretched too
thin as is.)
--Steve Bellovin, http://www.research.att.com/~smb