Re: DHS need to get on top of this right now

[<Glenn.Everhart () chase com>]

I suspect rather that DHS needs to first acquire the expertise to deal with these issues, and participate as
helpers rather than as directors. 
 
Nanog has dealt with interruptions to the Internet in the past, with success enough that most people are unaware that
major problems ever occurred. There is no reason to expect anyone in government could do as well, and blocking
discussion (the general effect of banning it in "public places" - ever work on a spook job?) would have made the
recovery in the last outage I heard about impossible. 
 
Unfortunately, wisdom and knowledge do not automatically come with authority. DHS has authority, at least within the
US, but has not the record of accomplishment that Nanog has. Let them come forward with improved routing codes that
are not subject to attacks, or with protocols that can be seen to be better than are current, get them discussed, and
act to facilitate (often = "pay for") changing over to such, and this would provide the kind of reputation that would 
get
them followed and improve safety without writing mandates that could make things worse. They should of course be open
to competing designs also, since others may come up with better designs. Participating in this way would show
wisdom.
 
Glenn Everhart
(speaking for myself)
 
-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk]On Behalf Of 
worried security
Sent: Wednesday, October 24, 2007 12:32 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] DHS need to get on top of this right now


I'm sorry everyone I was just trying to highlight a valid point, i didn't expect a flame war to errupt.
 
The DHS need to ban ISP's from talking about infrastructure security in public places. it should be classified 
information don't you all think?
 
Just because Nanog has been offending for years by talking about similar subjects doesn't mean its ok and action should 
be taken now to prevent the continuation of critical infrastructure security recovery be talked about in public. 
 
For anyone who does care about what i'm talking about, I apologize about the trolls in my thread who told me I worked 
in Mc Donalds and KFC.
 
I know not everyone hates me so perhaps we can have mature discussions about the DHS and Nanog instead of bashing each 
other saying I work in Mc Donalds, KFC etc.
 
n3td3v



-----------------------------------------
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law.  If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED.  Although this transmission and
any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is
received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as
applicable, for any loss or damage arising in any way from its use.
 If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/