| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 5 Oct 2008 10:46:36 -0700
From: "James Matthews" <nytrokiss@...il.com>
To: n3td3v <xploitable@...il.com>
Cc: n3td3v <n3td3v@...glegroups.com>, full-disclosure@...ts.grok.org.uk,
nanog@...og.org
Subject: Re: Fwd: cnn.com - Homeland Security seeks cyber
counterattack system (Einstein 3.0)
They generally don't have any clue what they want. This is only a PR stunt
On Sun, Oct 5, 2008 at 10:30 AM, n3td3v <xploitable@...il.com> wrote:
> Bad idea,
>
> The rogue government would use hospitals and power stations, to "cyber
> human shield" against the counter attack.
>
> You guys are living in cloud cuckoo land. The rogue government
> wouldn't have their bot nets in home computers that you could shut
> down easily.
>
> Read my rant about it all with the link below that I typed in May 2008
> to stop the "Afcyber" idea going through.
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2008-May/062517.html
>
> All the best,
>
> n3td3v
>
> ---------- Forwarded message ----------
> From: Tony Patti <tony@...lter.com>
> Date: Sun, Oct 5, 2008 at 5:20 PM
> Subject: cnn.com - Homeland Security seeks cyber counterattack system
> (Einstein 3.0)
> To: "nanog@...og.org" <nanog@...og.org>
>
>
> I presume this CNN article falls within the "Internet operational and
> technical issues" (especially security) criteria of the NANOG AUP,
> in terms of "operat[ing] an Internet connected network",
> especially where Chertoff refers to " like an anti-aircraft weapon,
> shoot down an [Internet] attack before it hits its target".
>
> http://www.cnn.com/2008/TECH/10/04/chertoff.cyber.security/index.html
>
> Homeland Security seeks cyber counterattack system
>
> WASHINGTON (CNN) -- First, there was "Einstein," the federal
> government's effort to protect itself from cyber attacks by limiting
> the number of portals to government computer systems and searching for
> signs of cyber tampering.
>
> Then Einstein 2.0, a system now being tested to detect computer
> intrusions as they happen.
>
> And in the future? Perhaps Einstein 3.0, which would give the
> government the ability to fight back.
>
> Homeland Security Secretary Michael Chertoff on Friday said he'd like
> to see a government computer infrastructure that could look for early
> indications of computer skullduggery and stop it before it happens.
>
> The system "would literally, like an anti-aircraft weapon, shoot down
> an attack before it hits its target," he said. "And that's what we
> call Einstein 3.0."
>
> At a meeting with reporters to highlight National Cyber Security
> Month, Chertoff reiterated his belief that the government should
> aggressively defend its computer systems, saying that terrorists, if
> they gain expertise already available to others, would "cause
> potentially very serious havoc" to government systems.
>
> "Let's make the investment now rather than wait until there's a huge
> catastrophe," he said.
>
> But despite his emphasis on the risks posed, Chertoff said the
> government is moving slowly to avoid stepping on the toes of the
> private sector as it addresses calls to reorganize the governance of
> cyberspace to provide accountability and authority.
>
> "I think the question of what is the government's role in cyberspace
> in general needs to be discussed among all the stakeholders, because
> there is a culture of cyberspace that is an open architecture," he
> said. "And I think if we just came in and said we want to take it
> over, there'd be, understandably, a considerable amount of discomfort
> with that."
>
> "We are deliberately going slowly because we recognize that the issue
> of government involvement in the Internet is fraught with all kinds of
> potential concerns and potential anxieties about not having the
> government have a big-foot impact on an area of communication and
> commerce that has traditionally been viewed as really independent and
> free."
>
> Chertoff said the government is "feeling our way to what is the right
> mix of government involvement with protecting the Internet in the
> private domain while preserving everybody's comfort level that we're
> not going to be in their business in a way that would be
> inappropriate."
>
> Asked if he envisioned a world with two cyberspaces, he said he
> envisions a world with "a lot of different levels of security and
> trust, depending upon the nature of what it is that you're doing."
>
> "We already have that now, in the sense that we have classified
> systems which are walled off from unclassified systems," he said.
> The Bush administration released its National Cyber Security
> Initiative in January. The "most immediate component" of it from the
> Department of Homeland Security's perspective, Chertoff said, is to
> increase security for federal government computer systems.
>
> But another priority is to work with the private sector to address
> threats to businesses. This includes not only protection from hackers,
> but also from counterfeit parts, which an individual or another nation
> could use to create vulnerabilities in the United States, he said.
> E-mail to a friend
>
>
> Tony Patti
> CIO
> S. Walter Packaging Corp.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
http://www.goldwatches.com/
http://www.jewelerslounge.com/
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists