Full Disclosure mailing list archives
Re: licensing discussion
From: Mary and Glenn Everhart <Everhart () gce com>
Date: Sun, 12 Oct 2008 19:13:36 -0400
Gents - Consider an old quote from LBJ, approximately "the design of a law when well administered is rarely the problem. Designing measures that work when badly administered is what is difficult." A licensing system might conceivably be administered to enhance security for the world's software and systems. However it is also likely one might be administered to simply shut down all the inconvenient discussions of vulnerabilities and any open research into them, which at least could allow vendors less adverse publicity. I consider this far more likely than a system that would genuinely distinguish good from evil intentions. If recent history - look at how DMCA gets abused in the US and how surveillance "against terrorism" has become surveillance for all manner of other stuff - cannot convince, then just ask where those running a licensing activity might get their people. Care to give odds how many basically unattested experts will be there, and how many corporate testers, regardless of the relative level of understanding of these people? Throwing out notions that government might save us from this or that evil tends to forget that in the past government has in many cases royally "screwed the pooch", and has in others managed not to do its job well enough to avoid other crack-ups (like the current financial disaster, where apparently they sat by and allowed $60+ trillion in fake insurance policies to be written without any capital to back them up. (The figure is gleaned from news reports.) I suspect that looking for technical solutions to some of the infosec problems is much more likely to work than tossing the problem over the wall to the government. Glenn Everhart _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: licensing discussion Mary and Glenn Everhart (Oct 12)