Has anyone noticed that the DHS plan is probably closer to the current status of things than the FCC one is? AFAIK, Currently this information _isn't_ required to be publicly reported. The FCC wants it to be. DHS would prefer that it be semi-public at best - just like Michael Dillion wants. Three options: 1. Status quo - no gov't reporting requirements 2. FCC proposal - completely public reporting requirements 3. DHS proposal - limited access reporting requirements Food for thought: Could an analyst, looking at outage reports over a period of time, build a schematic that would demonstrate that if you took out n points, you'd kill x% of data traffic in and out of $pickyourmetropolitanarea? If this analyst were working for Bin Ladin.... Some ad hoc terrorists, in a country crawling with US troops, with a communications infrastructure nowhere as advanced as the USA just managed to coordinate a multiple bomb attack simultaneously. What could they do here with the right information? Should we hand them this information freely? At least if someone in this "clearing house" sells it to the terrorists, they will have had to work for it a bit, instead of having us hand it to them on a silver platter, as the FCC seems to want. Let the flames continue. ** Reply to message from Scott McGrath <mcgrath@fas.harvard.edu> on Fri, 25 Jun 2004 11:22:51 -0400 (EDT)
Well said sir!
Scott C. McGrath
On Fri, 25 Jun 2004 Michael.Dillon@radianz.com wrote:
From the AOL theft article: "The revelations come as AOL and other Internet providers have ramped up their efforts to track down the purveyors of spam, which has grown into a maddening scourge that costs consumers and businesses billions of dollars a year."
Interesting. An insider at a network operator steals a copy of some interesting operational data and sells it to a 3rd party with an interest in doing nasty things with said data.
And if Homeland Security really does require all outages to be reported to a clearing house where only network operations insiders can get access to it, then what? Will someone sell this to a terrorist organization?
Better to leave all this information semi-public as it is now so that we all know it is NOT acceptable to build insecure infrastructure or to leave infrastructure in an insecure state. Fear of a terrorist attack is a much stronger motive for doing the right thing than a government order to file secret reports to a secret bureaucratic agency.
--Michael Dillon
-- Jeff Shultz A railfan pulls up to a RR crossing hoping that there will be a train.