Educause Security Discussion mailing list archives
Re: Foreign Nationals
From: Benjamin Parker <parkerbc () MOUNTUNION EDU>
Date: Thu, 31 May 2012 10:34:59 -0400
To take this to the next step, shouldn't our academic departments be the ones who are actively pursuing and recruiting "this type" of student to gain their skill sets, familiarity of culture, and thought processes of these other nation-states. Based on the assumption that these other places are limiting personal freedom, and going on the "theory" that we aren't. We should able to find the students who slip through the cracks of the nation-state's recruiting machine. These students would be invaluable to national security against the exact threats they are being perceived as. Ben Parker On Thu, May 31, 2012 at 10:20 AM, Doty, Timothy T. <tdoty () mst edu> wrote:
Now that's just crazy talk! Obviously we need to spy on all of them to find out which ones are secretly in communication with their masters in Tehran or Beijing, or have bad debts, a bad marital relationship that could be exploited, etc. Only then will you know who needs to be black bagged and taken overseas for some extra special questioning. And don't worry about that kind of problem among the overseers, you can rely on background checks and a polygraph to ensure that their ranks remain pure and untainted. [/sarcasm] (en.wikipedia.org/wiki/Aldrich_Ames) The current frenzy in the "intelligence" community has a familiar aroma ( en.wikipedia.org/wiki/House_Un-American_Activities_Committee). I prefer the approach where you don't presume knowledge about your adversary (e.g., the notion that arabs/muslims/chinese are evil so watch out for them) and take reasonable steps to secure resources from those not authorized access. And implement logging and auditing to watch for irregular access patterns by those with authorization. That way it doesn't matter who is, or why they are, attempting to get the resource whoever or whatever the case may be. When confronted by a direct and specific threat it very much helps to have detailed knowledge about the adversary to design specific countermeasures. But not only does it not help with general security, it can actively hinder. First, because potentially *anyone* is an adversary (hence you would need to have total information awareness, which, among other issues, has the problem of false correlation which leeches resources dealing with phantoms) and second because it encourages focusing on specific groups or characteristics which ignores reality (for example, not all arabs have dark skin, but even if they did it isn't hard to recruit someone who doesn't and so the 'dark skin' focused security measure becomes a waste of resources). Tim Doty -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks Sent: Wednesday, May 30, 2012 4:50 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Foreign Nationals Which one of those is the biggest *real* threat to your general computing environment? And if you aren't putting special security controls on *that* person, why are you thinking about putting them on less risky people?
Current thread:
- Foreign Nationals Dean Halter (May 30)
- Re: Foreign Nationals randy marchany (May 30)
- <Possible follow-ups>
- Re: Foreign Nationals Dean Halter (May 30)
- Re: Foreign Nationals Valdis Kletnieks (May 30)
- Re: Foreign Nationals Doty, Timothy T. (May 31)
- Re: Foreign Nationals Benjamin Parker (May 31)
- Re: Foreign Nationals Valdis Kletnieks (May 31)
- Re: Foreign Nationals Valdis Kletnieks (May 30)