On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap)
or, lets take a real example - rsa gets compromised and a third of the authentication tons (most?) of government agencies were using is all of a sudden vulnerable (possibly more than that if you consider that rsa could've lost classified technology). rsa has to realize the threat and can take their time to disclose what they want to disclose. i think if i were in the power to fix that, i would *try* :) ie, i highly doubt a massively scaled system has a chance at detecting most apt. also, i don't really like the idea that someone might be monitoring my activities (who watches the watchers). however, if i were in the position of acquiring data about threats, i think i'd try to suck in as much data as i had the processing power to manage.