Full Disclosure mailing list archives
Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more...
From: Valdis.Kletnieks () vt edu
Date: Sun, 13 Mar 2005 01:53:49 -0500
On Sat, 12 Mar 2005 16:33:46 CST, "J.A. Terranson" said:
*ALL* government pc's (whether US gov, UK gov, Martian gov., whatever) are critical infrastructure bozo.
Critical infrastructure: If it dies, things start breaking *very* badly, very quickly. If a PC directly related to managing calls in an E911 center dies, then emergency calls don't get routed. That's critical infrastructure. If something nails the NOC at AS701, large parts of the net could conceivably crash and there be no way to get things working. That's critical infrastructure. If some PC at the IRS gets whacked, then several hundred tax audits that were being handled by that tax agent get delayed until the system can be re-imaged and restored from backups. That's not critical infrastructure. Now tell me - what percent of government systems, if they were suddenly and unexpectedly unplugged from the network, would result in a partial or complete loss of network functionality? Things like routers, mail servers, Active Directory servers, and so on - *those* are "critical infrastructure". If you have critical infrastructure out on a secretary's desk, you're doing something *very* wrong....
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... Tamas Feher (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... J.A. Terranson (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... Valdis . Kletnieks (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... Devdas Bhagat (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... J.A. Terranson (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... Devdas Bhagat (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... J.A. Terranson (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... Valdis . Kletnieks (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... J.A. Terranson (Mar 12)
- Re: Reuters: Microsoft to give holes info to Uncle Sam first - responsible vendor notification may not be a good idea any more... J.A. Terranson (Mar 12)
- Re[2]: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a good idea anymore... phased (Mar 13)
- Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a good idea anymore... Vincent Archer (Mar 14)