Todd Suiter <todd@s4r.com> wrote:

Also, the long term repercussions of today's events may well be staggering for this group, and our industries as a whole. [...]

Just a few off the top of my head: 1) Physical risk to facilities This is a nightmare, most of our facilities *suck*. Run an intrusion scenario against anything but the absolute primo colo facilities and you walk right in the door, and the primo ones are vulnerable to mild levels of professional active threat (rocket, bomb, wall breach, etc). There is too much money in some of those buildings to treat this as lazily as we do now. 2) Assured physically separate routing links The current situation is unacceptable. We need to know where our circuits physically go, and when that changes, and have real options for physical routing. 3) Disaster recovery plans for facilities dropped into a hole in the ground My current contract had just deferred a major expansion on this issue. They're in a building clearly identifyable on the San Francisco skyline. I expect this to be a major reassessment starting tomorrow. You, too... 4) Echelon / snooping / crypto privacy issues What sorts of likely issues will we see if there is enhanced government monitoring mandated as a result of this? 5) Services provider load-handling I was chatting with someone at cnn.com throughout the morning. They had to roll literally dozens and dozens of additional servers into service when the hits started rolling in after the incident was reported first. It looks like everyone was able to hold on in both the network and the source provider side... but this needs a careful look for lessons learned. -george william herbert gherbert@retro.com