U.S. spy agencies ... email for cybersecurity
Somebody needs to give them a clue-by-four. The private sector already has the "Internet address where an email ... originated"; it's already in the Received lines. We don't need to be informed about it, we already inform each other about it. And it's already delivered "at network speed." It is my understanding the Dept of Homeland Security already cooperates in sharing government intrusion information. We certainly don't need a "U.S. spy agency" MITM to "protect the private sector." Moreover, the US is the source of most spam and malware, so the NSA isn't really going to be much help. And the US is the source of the only known cyber attacks on other country's infrastructure, so it's not likely much help there, either. Unless they expect retaliation? === http://in.reuters.com/article/2012/07/10/net-us-usa-security-cyber-idINBRE86... U.S. spy agencies say won't read Americans' email for cybersecurity 8:48pm EDT By Tabassum Zakaria and David Alexander WASHINGTON (Reuters) - The head of the U.S. spy agency that eavesdrops on electronic communications overseas sought on Monday to reassure Americans that the National Security Agency would not read their personal email if a new cybersecurity law was enacted to allow private companies to share information with the government. ... But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks. "It doesn't require the government to read their mail or your mail to do that. It requires them, the Internet service provider or that company, to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it," Alexander said. He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email. ... But the U.S. government is also concerned about the possibility of a cyber attack from adversaries on critical infrastructure such as the power grid or transportation systems.
I think what Gen.Alexander said and what the reporter missed out is that they're interested in malware traffic flows, bot C&Cs etc, rather than smtp received headers
He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email.
--srs On Tue, Jul 10, 2012 at 7:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Somebody needs to give them a clue-by-four. The private sector already has the "Internet address where an email ... originated"; it's already in the Received lines. We don't need to be informed about it, we already inform each other about it.
-- Suresh Ramasubramanian (ops.lists@gmail.com)
(note, people ought to: 1) think about this on their own making up their own minds, 2) understand that the press has some very weird ideas, 3) take some better protections on their own, for their own security) also, I'm not judging the OP nor the reporter nor the ideas espoused in the article/clips... On Mon, Jul 9, 2012 at 9:46 PM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Somebody needs to give them a clue-by-four. The private sector
people keep trying, sometimes it's helped. sometimes reporters need to sell stories :(
already has the "Internet address where an email ... originated";
it's not just email they care about :( (you knew that I think)
it's already in the Received lines. We don't need to be informed about it, we already inform each other about it.
one interesting idea, that has proven out some merit over the years is the ability to share 'incident' data across entry points (say across companies, or gov'ts even) about 'bad things' that are happening. Take the case of 'spam came in from this end system to my mailserver', if I tell you that (or some central system that which you can query) you'll learn that maybe the inbound connection to you is also spam-rich.
And it's already delivered "at network speed."
the article sort of reads like the above scenario though... maybe it's NOT that, maybe it's something else entirely... it SEEMS that the gov't wants to help. They may be able to, they may just foul things up. The reporter certainly didn't leave enough details in place to tell :(
It is my understanding the Dept of Homeland Security already cooperates in sharing government intrusion information. We certainly don't need a "U.S. spy agency" MITM to "protect the private sector."
<http://en.wikipedia.org/wiki/Einstein_%28US-CERT_program%29> you may mean? could be... the wikipedias are sometimes wrong, or so says the teacher of my 7yr old.
Moreover, the US is the source of most spam and malware, so the NSA isn't really going to be much help. And the US is the source of the
but hosts in the US that are botted/spamming, also spam/bot other things outside the US, right? so really who cares where the src is, get some data collection points up and use that data to inform your security policy, no? (sure, you'll have to have some smarts, and some smart people, and be cautious... but you'd do that anyway, right? :) ) These folks have some awesome tech for that sort of data collection and analysis: <http://en.wikipedia.org/wiki/SHERIFF> it's a shame that their parent company can't find a way to monetize that sort of thing. (the article there talks about some older version of the system, which is still alive/well today doing fraud detection and was doing some IDS/anomaly-detection-like work as well for ip network things)
only known cyber attacks on other country's infrastructure, so it's not likely much help there, either. Unless they expect retaliation?
===
http://in.reuters.com/article/2012/07/10/net-us-usa-security-cyber-idINBRE86...
U.S. spy agencies say won't read Americans' email for cybersecurity 8:48pm EDT
By Tabassum Zakaria and David Alexander
WASHINGTON (Reuters) - The head of the U.S. spy agency that eavesdrops on electronic communications overseas sought on Monday to reassure Americans that the National Security Agency would not read their personal email if a new cybersecurity law was enacted to allow private companies to share information with the government. ...
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap) that doesn't sound 'bad', it sounds like there is a gap in the business world to wrap all this data up and sell access to it... but the gov't can jump in with their mountains of data from their 'einstein' or whatever and go to town protecting their 'partners' who have often close interactions with the gov't, right?
software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks.
adding to the above: "What if we had an API such that you could feed your collected alarm/alert/badness data to us as well? and we could feed that back into our system, protect ourselves AND send it back out to the other partners?" again, that's not that bad, really it sounds pretty cool... only if MCI could have found a way to productize and monetize that... which we built for them too :( but I digress.
"It doesn't require the government to read their mail or your mail to do that. It requires them, the Internet service provider or that company, to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it," Alexander said.
alexander is loose with his pronouns, which makes this worse... in reality: "send your alarm data to our system, hurrah!", PROBABLY this could include large ISP people if the pricing (or regulatory world were right), these folks COULD of course limit that to 'business isp traffic only', maybe. this sounds a little less on the ball though, so I'll blame bad reporter-translation, and hope that Alexander really meant: "Our partners in the industry, who help supply us and build our widgets for us, would be enabled to send data into our API..."
He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email.
I'm sure this was simply an example... and the reporter jumped on it like a carnivore, poor job reporter! :(
...
But the U.S. government is also concerned about the possibility of a cyber attack from adversaries on critical infrastructure such as the power grid or transportation systems.
yes, put in the boogie-man! also, keep in mind that CI things are ... in a horrid state, and as it turns out the folk running it are ostriches :( -chris
On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap)
or, lets take a real example - rsa gets compromised and a third of the authentication tons (most?) of government agencies were using is all of a sudden vulnerable (possibly more than that if you consider that rsa could've lost classified technology). rsa has to realize the threat and can take their time to disclose what they want to disclose. i think if i were in the power to fix that, i would *try* :) ie, i highly doubt a massively scaled system has a chance at detecting most apt. also, i don't really like the idea that someone might be monitoring my activities (who watches the watchers). however, if i were in the position of acquiring data about threats, i think i'd try to suck in as much data as i had the processing power to manage.
On Tue, Jul 10, 2012 at 3:32 AM, shawn wilson <ag4ve.us@gmail.com> wrote:
On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap)
or, lets take a real example - rsa gets compromised and a third of the authentication tons (most?) of government agencies were using is all of a sudden vulnerable (possibly more than that if you consider that rsa could've lost classified technology). rsa has to realize the threat and can take their time to disclose what they want to disclose.
sure, this isn't really in line with the idea I was getting at, except that: "Hey, PRC located ips really might be using token-auth to login to your systems, w00t!"
i think if i were in the power to fix that, i would *try* :) ie, i highly doubt a massively scaled system has a chance at detecting most apt.
it might not, but discounting/dealing with all the cruft that today takes up your ops-folks time easily/mechanically surely frees the mup to focus on the things that they REALLY need to pay attention to... Essentially, filter out the garbage, focus on the actual threats to your business. The shared data pool COULD do that.
also, i don't really like the idea that someone might be monitoring my activities (who watches the watchers). however, if i were in the
if you work for a corporation (in the US at least) ... the corporation already has been monitoring your activities, you signed (in almost all cases) a paper acknowledging that fact, w00t!
position of acquiring data about threats, i think i'd try to suck in as much data as i had the processing power to manage.
exactly... and if done right, the 'service in the cloud' (or whatever) that aggregates, can do some bunches of that processing for you. -chris
On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
(note, people ought to: 1) think about this on their own making up their own minds, 2) understand that the press has some very weird ideas, 3) take some better protections on their own, for their own security)
also, I'm not judging the OP nor the reporter nor the ideas espoused in the article/clips...
On Mon, Jul 9, 2012 at 9:46 PM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Somebody needs to give them a clue-by-four. The private sector
people keep trying, sometimes it's helped. sometimes reporters need to sell stories :(
already has the "Internet address where an email ... originated";
it's not just email they care about :( (you knew that I think)
it's already in the Received lines. We don't need to be informed about it, we already inform each other about it.
one interesting idea, that has proven out some merit over the years is the ability to share 'incident' data across entry points (say across companies, or gov'ts even) about 'bad things' that are happening.
Take the case of 'spam came in from this end system to my mailserver', if I tell you that (or some central system that which you can query) you'll learn that maybe the inbound connection to you is also spam-rich.
And it's already delivered "at network speed."
the article sort of reads like the above scenario though... maybe it's NOT that, maybe it's something else entirely... it SEEMS that the gov't wants to help. They may be able to, they may just foul things up. The reporter certainly didn't leave enough details in place to tell :(
It is my understanding the Dept of Homeland Security already cooperates in sharing government intrusion information. We certainly don't need a "U.S. spy agency" MITM to "protect the private sector."
<http://en.wikipedia.org/wiki/Einstein_%28US-CERT_program%29>
you may mean? could be... the wikipedias are sometimes wrong, or so says the teacher of my 7yr old.
Moreover, the US is the source of most spam and malware, so the NSA isn't really going to be much help. And the US is the source of the
but hosts in the US that are botted/spamming, also spam/bot other things outside the US, right? so really who cares where the src is, get some data collection points up and use that data to inform your security policy, no? (sure, you'll have to have some smarts, and some smart people, and be cautious... but you'd do that anyway, right? :) )
These folks have some awesome tech for that sort of data collection and analysis: <http://en.wikipedia.org/wiki/SHERIFF>
it's a shame that their parent company can't find a way to monetize that sort of thing. (the article there talks about some older version of the system, which is still alive/well today doing fraud detection and was doing some IDS/anomaly-detection-like work as well for ip network things)
to be fair to vz/mci here, an offline reader pointed me to: <http://newscenter.verizon.com/press-releases/verizon/2011/verizon-teams-with-northrop.html> hey lookie, they sold one :) (hopefully for the sheriff folks, they can do more of this, it really is cool)
only known cyber attacks on other country's infrastructure, so it's not likely much help there, either. Unless they expect retaliation?
===
http://in.reuters.com/article/2012/07/10/net-us-usa-security-cyber-idINBRE86...
U.S. spy agencies say won't read Americans' email for cybersecurity 8:48pm EDT
By Tabassum Zakaria and David Alexander
WASHINGTON (Reuters) - The head of the U.S. spy agency that eavesdrops on electronic communications overseas sought on Monday to reassure Americans that the National Security Agency would not read their personal email if a new cybersecurity law was enacted to allow private companies to share information with the government. ...
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap)
that doesn't sound 'bad', it sounds like there is a gap in the business world to wrap all this data up and sell access to it... but the gov't can jump in with their mountains of data from their 'einstein' or whatever and go to town protecting their 'partners' who have often close interactions with the gov't, right?
software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks.
adding to the above: "What if we had an API such that you could feed your collected alarm/alert/badness data to us as well? and we could feed that back into our system, protect ourselves AND send it back out to the other partners?"
again, that's not that bad, really it sounds pretty cool... only if MCI could have found a way to productize and monetize that... which we built for them too :( but I digress.
"It doesn't require the government to read their mail or your mail to do that. It requires them, the Internet service provider or that company, to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it," Alexander said.
alexander is loose with his pronouns, which makes this worse... in reality: "send your alarm data to our system, hurrah!", PROBABLY this could include large ISP people if the pricing (or regulatory world were right), these folks COULD of course limit that to 'business isp traffic only', maybe.
this sounds a little less on the ball though, so I'll blame bad reporter-translation, and hope that Alexander really meant: "Our partners in the industry, who help supply us and build our widgets for us, would be enabled to send data into our API..."
He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email.
I'm sure this was simply an example... and the reporter jumped on it like a carnivore, poor job reporter! :(
...
But the U.S. government is also concerned about the possibility of a cyber attack from adversaries on critical infrastructure such as the power grid or transportation systems.
yes, put in the boogie-man! also, keep in mind that CI things are ... in a horrid state, and as it turns out the folk running it are ostriches :(
-chris
To be fair, we really should listen to what he had to say; http://www.c-span.org/Events/Director-of-NSA-Outlines-New-Threats-to-Securit... The introduction by Wolfowitz doesn't really help the credibility, but the master of FUD knows you have to build a foundation of truth in order to layer on the FUD. Alexander's technical discussion is pretty good. He seems to at least know the basics of the issues he addresses. It's his conclusions I have trouble with. First and foremost, he proposes addressing the problem of insecure systems by layering on another system. This approach hasn't worked yet, and is even less likely to work in the future. If they build this system, can they keep malicious hackers out? Chinese? Russians? If they can build this system securely, why not just go without it, and rebuild the existing systems securely? While they may only be interested in data streams, and not email content, as he said: How will you build it with the capability of examining binary attachments or links, but not email content? By nature, this system would have the capability of reading our mail, even if that's not the stated purpose. How long until mission creep starts looking for keywords? Then there's issues of concern mainly to technical people. Many on this list have the capability of doing some really bad stuff to the network. Would it be justifiable to watch these people a little more closely than the general public? The public might not mind (yet), but should all of our discussions (i.e., intellectual property) be automatically forfeited to the government? Both signed and proposed legislation have opened the door to "greater cooperation between the military and homeland security". Should this capability of the military be available to DHS to hunt out "subversives"? Can they guarantee that there will be no mission creep? No searching (or archiving) of email contents? And most of all, can they guarantee that it will never get pwned? Cheers, G_
It's more of a strategy to centralize protection efforts versus using a de-centralized approach. I want go into the scalability issues and also "scope" creep aspects however, as Chris points out, it would be far better to share indications & warnings with organizations that can leverage their own security infrastructure to protect themselves. Organizations have different risk management profiles meaning they know what is important to protect to sustain their business and will make decisions based off of that. You can share this information automated style depending on your level of trust of what is being provided so things can move at the speed of light so to speak however this is still, yet another, reactive approach. We all know the issues of signature based systems. However, their intent is good and all about protecting the country. The approach can be debated though :) Jerry On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow <morrowc.lists@gmail.com
wrote:
(note, people ought to: 1) think about this on their own making up their own minds, 2) understand that the press has some very weird ideas, 3) take some better protections on their own, for their own security)
also, I'm not judging the OP nor the reporter nor the ideas espoused in the article/clips...
On Mon, Jul 9, 2012 at 9:46 PM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Somebody needs to give them a clue-by-four. The private sector
people keep trying, sometimes it's helped. sometimes reporters need to sell stories :(
already has the "Internet address where an email ... originated";
it's not just email they care about :( (you knew that I think)
it's already in the Received lines. We don't need to be informed about it, we already inform each other about it.
one interesting idea, that has proven out some merit over the years is the ability to share 'incident' data across entry points (say across companies, or gov'ts even) about 'bad things' that are happening.
Take the case of 'spam came in from this end system to my mailserver', if I tell you that (or some central system that which you can query) you'll learn that maybe the inbound connection to you is also spam-rich.
And it's already delivered "at network speed."
the article sort of reads like the above scenario though... maybe it's NOT that, maybe it's something else entirely... it SEEMS that the gov't wants to help. They may be able to, they may just foul things up. The reporter certainly didn't leave enough details in place to tell :(
It is my understanding the Dept of Homeland Security already cooperates in sharing government intrusion information. We certainly don't need a "U.S. spy agency" MITM to "protect the private sector."
<http://en.wikipedia.org/wiki/Einstein_%28US-CERT_program%29>
you may mean? could be... the wikipedias are sometimes wrong, or so says the teacher of my 7yr old.
Moreover, the US is the source of most spam and malware, so the NSA isn't really going to be much help. And the US is the source of the
but hosts in the US that are botted/spamming, also spam/bot other things outside the US, right? so really who cares where the src is, get some data collection points up and use that data to inform your security policy, no? (sure, you'll have to have some smarts, and some smart people, and be cautious... but you'd do that anyway, right? :) )
These folks have some awesome tech for that sort of data collection and analysis: <http://en.wikipedia.org/wiki/SHERIFF>
it's a shame that their parent company can't find a way to monetize that sort of thing. (the article there talks about some older version of the system, which is still alive/well today doing fraud detection and was doing some IDS/anomaly-detection-like work as well for ip network things)
only known cyber attacks on other country's infrastructure, so it's not likely much help there, either. Unless they expect retaliation?
===
http://in.reuters.com/article/2012/07/10/net-us-usa-security-cyber-idINBRE86...
U.S. spy agencies say won't read Americans' email for cybersecurity 8:48pm EDT
By Tabassum Zakaria and David Alexander
WASHINGTON (Reuters) - The head of the U.S. spy agency that eavesdrops on electronic communications overseas sought on Monday to reassure Americans that the National Security Agency would not read their personal email if a new cybersecurity law was enacted to allow private companies to share information with the government. ...
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious
translated: "Hey, what if we could tell our private sector partners (Lockheed-Martin, for instance) that they should be on the lookout for things like X, or traffic destined to Y, or people sending all their DNS queries to these 5 netblocks." (dcwg.org sorta crap)
that doesn't sound 'bad', it sounds like there is a gap in the business world to wrap all this data up and sell access to it... but the gov't can jump in with their mountains of data from their 'einstein' or whatever and go to town protecting their 'partners' who have often close interactions with the gov't, right?
software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks.
adding to the above: "What if we had an API such that you could feed your collected alarm/alert/badness data to us as well? and we could feed that back into our system, protect ourselves AND send it back out to the other partners?"
again, that's not that bad, really it sounds pretty cool... only if MCI could have found a way to productize and monetize that... which we built for them too :( but I digress.
"It doesn't require the government to read their mail or your mail to do that. It requires them, the Internet service provider or that company, to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it," Alexander said.
alexander is loose with his pronouns, which makes this worse... in reality: "send your alarm data to our system, hurrah!", PROBABLY this could include large ISP people if the pricing (or regulatory world were right), these folks COULD of course limit that to 'business isp traffic only', maybe.
this sounds a little less on the ball though, so I'll blame bad reporter-translation, and hope that Alexander really meant: "Our partners in the industry, who help supply us and build our widgets for us, would be enabled to send data into our API..."
He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email.
I'm sure this was simply an example... and the reporter jumped on it like a carnivore, poor job reporter! :(
...
But the U.S. government is also concerned about the possibility of a cyber attack from adversaries on critical infrastructure such as the power grid or transportation systems.
yes, put in the boogie-man! also, keep in mind that CI things are ... in a horrid state, and as it turns out the folk running it are ostriches :(
-chris
-- Jerry jerry@jdixon.com
On Mon, 09 Jul 2012 21:46:51 -0400, William Allen Simpson said:
But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks.
Back in the dark ages at the beginning of this millennium (L1on worm, anybody?), the guys at SANS created this thing called DShield. https://isc.sans.edu/about.html#history Just sayin'.
On Tue, Jul 10, 2012 at 8:33 PM, <valdis.kletnieks@vt.edu> wrote:
Back in the dark ages at the beginning of this millennium (L1on worm, anybody?), the guys at SANS created this thing called DShield.
Sure. But if what Gen.Alexander says comes off - this looks like a US-CERT or other clearinghouse to handle sensitive data of all sorts (critical infrastructure attacks, sensitive data leaks / breaches etc) I can see where DShield - and various other players in similar, but heavily silo'd spaces - might coordinate with a neutral centralized clearinghouse. -- Suresh Ramasubramanian (ops.lists@gmail.com)
The government is already doing this via the ISACs. http://www.ren-isac.net/docs/charter.html Cheers, Harry On 07/10/2012 11:13 AM, Suresh Ramasubramanian wrote:
On Tue, Jul 10, 2012 at 8:33 PM, <valdis.kletnieks@vt.edu> wrote:
Back in the dark ages at the beginning of this millennium (L1on worm, anybody?), the guys at SANS created this thing called DShield.
Sure. But if what Gen.Alexander says comes off - this looks like a US-CERT or other clearinghouse to handle sensitive data of all sorts (critical infrastructure attacks, sensitive data leaks / breaches etc)
I can see where DShield - and various other players in similar, but heavily silo'd spaces - might coordinate with a neutral centralized clearinghouse.
On Tue, Jul 10, 2012 at 8:55 PM, Harry Hoffman <hhoffman@ip-solutions.net> wrote:
The government is already doing this via the ISACs.
I have a lot of respect for what REN-ISAC does but it doesn't nearly have the sort of coverage this project appears to be looking at. -- Suresh Ramasubramanian (ops.lists@gmail.com)
On Tue, 10 Jul 2012 21:19:07 +0530, Suresh Ramasubramanian said:
On Tue, Jul 10, 2012 at 8:55 PM, Harry Hoffman <hhoffman@ip-solutions.net> wrote:
The government is already doing this via the ISACs.
I have a lot of respect for what REN-ISAC does but it doesn't nearly have the sort of coverage this project appears to be looking at.
The important point is that it's hardly a new and revolutionary idea...
On Tue, Jul 10, 2012 at 9:24 PM, <valdis.kletnieks@vt.edu> wrote:
I have a lot of respect for what REN-ISAC does but it doesn't nearly have the sort of coverage this project appears to be looking at.
The important point is that it's hardly a new and revolutionary idea...
Sure. Is there any point in reinventing a wheel? Multiple different silo'd communities have ever been useful - and also the biggest stumbling block for coordination. Clearinghouses at a national level aren't particularly new either - the aussie telecom regulator ACMA set one up for spam / security reports with various local service providers and its been doing just fine for the past few years. At a basic level, aggregating + anonymizing feeds from various data sources and sending alerts to SPs.. and cooperation only builds upwards from there. -- Suresh Ramasubramanian (ops.lists@gmail.com)
“Come on! It’s time to play with the Wii!” Kimber dragged Chris to the middle balance board. “Let’s do snowboarding first. That’s fun.” She let everyone get in position, and started the snowboarding game. At first, Chris felt a little clumsy. His massive, stuffed balls weighed heavily on his legs, and his thick, semi-erect dick, straining against his pants, made it feel like they were going to pull down at any moment. As Tasha and Kimber snickered at his poor performance, Chris felt himself getting annoyed. I’ve never done this with a monster cock between my legs! It’s throwing me off balance! Chris sighed audibly and settled his feet as far apart as possible on the balance board. His mammoth nutsack swung heavily between his legs. It pulled the stretchy pants even lower on his body, exposing the base of his broad prick. Chris felt a bit self-conscious about that, but it felt so good to let his gargantuan ballsack brush against the fabric of his pants and against the sides of his thighs. He soon noticed another benefit. With both his colossal rod and his fat nuts between his legs, his center of gravity had shifted downward considerably. Once he relaxed and allowed his gargantuan manhood to sway freely, its huge weight counteracted his upper body motions, acting like some genital gyroscope. In no time, Chris was ’snowboarding’ much better than he had ever done before, surpassing both Tasha and Kimber. As an added bonus, the swaying, sliding sensation felt fantastic. “Wow, Chris! You’re really coming from behind!” cheered Kimber, who, facing in the same direction as Chris, and positioned in front of him in the row, did not see his technique. “I’m about to cum just from the view from behind,” drooled Tasha, ogling Chris’s butt and the mammoth, swinging bulge between his legs. “I think he’s a natural.” After a few minutes more of snowboarding, Kimber announced, “Okay, that was a good warm up. Let’s get our hearts pumping.” She stopped the game and stepped off her board, then bent down and turned it parallel to the tv. Tasha followed suit and Chris complied clumsily, finding it difficult to bend over with a semi-hard boner between him and the board. Once the boards were positioned, Kimber launched a step aerobics routine, and Chris groaned immediately. The huge girth of his balls forced his thighs apart into a bowlegged stance, and the heft of his twenty pound nutsack and thick, fat prick was a burden to swing up with each step. While each of the girls fairly bounced up and down the board, Chris was laboriously heaving himself up and down, feeling like he had a thirty pound sack of potatoes between his legs. Ugh. Whew! I’m not sure how long I can do this. After a few quick, clumsy steps up and down, Chris stepped back off the board. “I’m not sure I’m quite built for this one, Kimber,” he said apologetically. “Oh, Chris” she said while bouncing up and down the step, “that’s okay. Sit this one out. You can jump back in whenever you want.” Chris waddled around the coffee table and sat down on the couch, spreading his legs wide to give his bloated balls plenty of room. He sighed with relief as the cushions absorbed the weight of his oversized genitals. Chris adjusted himself with both hands and settled down to watch the two girls bounce up and down on the step. This is the kind of workout I can handle! Just get Jen in there too, and my heart rate will be plenty high. Tasha and Kimber continued their step routine for several more minutes, until Tasha gasped, “That’s it! I’m picking the next one,” and stepped off the board with slightly wobbly legs. She gave a quick glance back at Chris on the couch, his fat, semi-hard salami bulging visibly through his stretchy pants. “I think this one is more our speed.” She launched a hula hoop routine, and Chris was transfixed as both girls began gyrating their hips and butts. “Ooooh! This one is fun!” squealed Kimber. Fun? This one is freaking amazing!, thought Chris. He could feel his cock immediately start to swell and thicken again. Kimber’s firm bubble butt looked incredible in the tight pink shorts she had on, and it bounced tantalizingly as she swiveled around. Tasha’s posterior wasn’t quite as curvy, though it was still nice, but her silky, high-cut shorts gave Chris a better view of her creamy white hips. Nnnnngh! Gotta get some of that. Chris’s thick prick began to creep even farther down the leg of his pants, easily surpassing the twenty six inch point. His girth continued to swell, stretching the leg of the pants entirely out of proportion. I’ll just slip out of these and I can have Kimber and Tasha right here on the couch. I wonder if I should do Kimber first, or Tasha? I bet Tasha will want to watch me with Kimber. Ohhh, but maybe Kimber will let me kiss her boobs while Tasha swallows first. I wonder if either of them has enough room for a second helping? Suddenly, Chris realized what he was doing. His mammoth schlong had almost reached his ankle in the sweats, and was easily over a foot around. It looked like he had two legs in one leg of the pants. His massive dick was throbbing urgently, and continued to surge and grow. I told Jen that I would control myself until she got back, and I’m already working out seconds with these two. I can’t do that! Jen would freak out! He stroked the side of his ballooning cock wistfully. What am I gonna do? I can’t resist this for six more hours. I gotta get off! He stroked his huge anaconda with both hands, a bit more vigorously. I gotta satisfy my cock. It has to get off soon! Chris’s eyes went back to the two mouthwatering asses shimmying in front of him. Oh, god. I need them soooooo bad. Jen would kill me, but I need some sex sooooon!
participants (9)
-
Christopher Morrow -
George - AD7RL -
Harry Hoffman -
Jerry Dixon -
NIG NOG -
shawn wilson -
Suresh Ramasubramanian -
valdis.kletnieks@vt.edu -
William Allen Simpson