lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200503130653.j2D6rsxN002695@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Reuters: Microsoft to give holes info to Uncle
	Sam first - responsible vendor notification may not be a good
	idea any more... 

On Sat, 12 Mar 2005 16:33:46 CST, "J.A. Terranson" said:

> *ALL* government pc's (whether US gov, UK gov, Martian gov., whatever) are
> critical infrastructure bozo.

Critical infrastructure:  If it dies, things start breaking *very* badly,
very quickly.

If a PC directly related to managing calls in an E911 center dies, then emergency
calls don't get routed.  That's critical infrastructure.

If something nails the NOC at AS701, large parts of the net could conceivably
crash and there be no way to get things working.  That's critical infrastructure.

If some PC at the IRS gets whacked, then several hundred tax audits that were
being handled by that tax agent get delayed until the system can be re-imaged and
restored from backups.  That's not critical infrastructure.

Now tell me - what percent of government systems, if they were suddenly and
unexpectedly unplugged from the network, would result in a partial or complete
loss of network functionality?  Things like routers, mail servers, Active Directory
servers, and so on - *those* are "critical infrastructure".

If you have critical infrastructure out on a secretary's desk, you're doing
something *very* wrong....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050313/aff87634/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ