Full Disclosure mailing list archives

RE: Please post to the list

From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Fri, 22 Nov 2002 21:44:02 -0600

-----Original Message-----
From: ratel [mailto:ratel () mailvault com] 
Sent: Friday, November 22, 2002 9:05 PM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Please post to the list



-----BEGIN PGP SIGNED MESSAGE-----

On 22-Nov-2002 12:19:52 -0500, you wrote:

in your ideal world, how would you help
me stay secure and prevent all the attacks that bludgeon my network?

This is a legitimate question, and I would appreciate a legitimate  
answer, rather than the usual blather that has dominated this list.


Two words: AIR GAP.


Not an option, therefore not worth discussing.

Nothing could be simpler: don't put anything you wouldn't mind losing 
on a box that connects to the intenet. 

Radical, I know--but if it works for JTF-CNA it certainly works for me.

Speaking of the Devil, do you really think those delightful fellows 
employed by JTF-CNA, NSA &c. really run to tell Microsoft and other 
vendors everytime they find a hole/sidechannel/backdoor in their 
software? Do you honestly think any man jack of them spends two seconds

concerning himself with this kind of anguished hand-wringing debate?


Do you really think the average sysadmin cares?  All this is nothing but
side-show to distract from the weakness of the blackhat argument.

Forget it. In their world, full disclosure is irrelevant. Dead. A bad 
joke. Grow up and stop kidding yourselves.


I'm not the one kidding myself.

The ugly truth is that some of the greatest, most technically

brilliant,

truly ethical-after-their-own fashion blackhats are pulling paychecks 
from Ft. Meade. 

Ethical, because for them it's not about money.
It's about control. 
After all, "Information is Power".

They've been running rings around all you poor suckers for years. 

And as long as you aren't protecting your critical information 
yourself with an air gap? Content to rely on corrupt scumbag snake 
oil vendors to "protect you" as they pick your pocket and sell you 
out time and again to the highest bidder?


Do you lay awake at night to think this stuff up?  It's really comical.

Paul Schmehl (pauls () utdallas edu)
TCS Department Coordinator
The University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Please post to the list Schmehl, Paul L (Nov 22)
- Re: Please post to the list Day Jay (Nov 22)
- <Possible follow-ups>
- RE: Please post to the list Schmehl, Paul L (Nov 22)
  - RE: Please post to the list Day Jay (Nov 22)
  - Re: Please post to the list Alexander Bartolich (Nov 22)
- RE: Please post to the list b0iler _ (Nov 22)
- RE: Please post to the list Schmehl, Paul L (Nov 22)
- RE: Please post to the list Schmehl, Paul L (Nov 22)
- Re: Please post to the list ratel (Nov 22)
- RE: Please post to the list Schmehl, Paul L (Nov 22)
- RE: Please post to the list ratel (Nov 22)
- RE: Please post to the list Schmehl, Paul L (Nov 23)
- RE: Please post to the list ratel (Nov 23)
  - Re: Please post to the list John Andersen (Nov 23)
- RE: Please post to the list Schmehl, Paul L (Nov 23)