Re: RE: Vulnerbilities of Interconnection

5 Sep 2002


      That is one of the reasons research is being done at universities, 
they are not answerable to FOIA's.  While the university environment 
is not the Fort Knox of security for special projects a high level of 
security and confidentiality can be ensured.  Trying to sort out 
publications is the headache.

----- Original Message -----
From: "Daniel Golding" <dgolding@yahoo.com>
Date: Thursday, September 5, 2002 1:27 pm
Subject: RE: Vulnerbilities of Interconnection
...
The crux of the issue are FOIA requests. The government won't make 
thesetypes of vulnerability reports immmune to FOIA requests - 
thus a foreign
terrorist or home-grown "farmbelt fuhrer" could simply order up a 
list of
the most vulnerable sites, and select some to attack.
Due to the distributed nature of the internet, and the routing 
protocolsthat regulate it's traffic flow, there is no single point 
of failure.
However, we have seen how concerted attacks can be made at multiple
locations, almost simultaneously.
If the government could agree to allow this information to remain
confidential, it would greatly expedite the process of hardening 
appropriatefacilities, and identifying weaknesses.
- Daniel Golding
...
Sean Donelan Said...
On Thu, 5 Sep 2002 sgorman1@gmu.edu wrote:
...
very much like to avoid doing the research in a vaccuum.  I 
was hoping
a discussion on NANOG wold be a good first step.  The project 
is quite
hot with the politicos and I very much want to make sure to best
recommendations are made.  Formal industrsy cooperation is one 
side of
this, but I think a lot of information can be gained from an 
informal> > approach as well.  Any and all feedback is greatly 
appreciated>
http://www.infosecuritymag.com/2002/sep/2002survey/voices/verylarge.sht
ml>
...
...
On security reporting...
"Since Sept. 11, state, local and federal authorities have tried 
to get
their arms around the potential threats to the nation's
infrastructure--including the telecommunications infrastructure. 
They have
asked us questions like, 'What are your 100 most vulnerable 
places in the
network?'"
"As much as we would like to help the government in its attempt 
to help
us, we believe it would be counterproductive to share such 
information> widely because if it were released, it would provide 
a terrorist with a
roadmap to our key locations. Unless the government agrees that 
it can
protect our information, we will continue to respectfully 
decline such
blanket requests."
Bill Smith
CTO and President of Interconnection Services, BellSouth

sgorman1＠gmu.edu

tags

participants (1)