lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 24 Oct 2007 13:11:42 -0400
From: <Glenn.Everhart@...se.com>
To: <worriedsecurity@...glemail.com>, <full-disclosure@...ts.grok.org.uk>
Subject: Re: DHS need to get on top of this right now

I suspect rather that DHS needs to first acquire the expertise to deal with these issues, and participate as
helpers rather than as directors. 
 
Nanog has dealt with interruptions to the Internet in the past, with success enough that most people are unaware that
major problems ever occurred. There is no reason to expect anyone in government could do as well, and blocking
discussion (the general effect of banning it in "public places" - ever work on a spook job?) would have made the
recovery in the last outage I heard about impossible. 
 
Unfortunately, wisdom and knowledge do not automatically come with authority. DHS has authority, at least within the
US, but has not the record of accomplishment that Nanog has. Let them come forward with improved routing codes that
are not subject to attacks, or with protocols that can be seen to be better than are current, get them discussed, and
act to facilitate (often = "pay for") changing over to such, and this would provide the kind of reputation that would get
them followed and improve safety without writing mandates that could make things worse. They should of course be open
to competing designs also, since others may come up with better designs. Participating in this way would show
wisdom.
 
Glenn Everhart
(speaking for myself)
 
-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk]On Behalf Of worried security
Sent: Wednesday, October 24, 2007 12:32 PM
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] DHS need to get on top of this right now


I'm sorry everyone I was just trying to highlight a valid point, i didn't expect a flame war to errupt.
 
The DHS need to ban ISP's from talking about infrastructure security in public places. it should be classified information don't you all think?
 
Just because Nanog has been offending for years by talking about similar subjects doesn't mean its ok and action should be taken now to prevent the continuation of critical infrastructure security recovery be talked about in public. 
 
For anyone who does care about what i'm talking about, I apologize about the trolls in my thread who told me I worked in Mc Donalds and KFC.
 
I know not everyone hates me so perhaps we can have mature discussions about the DHS and Nanog instead of bashing each other saying I work in Mc Donalds, KFC etc.
 
n3td3v



-----------------------------------------
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law.  If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED.  Although this transmission and
any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is
received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as
applicable, for any loss or damage arising in any way from its use.
 If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ