Re: RE: Vulnerbilities of Interconnection

[<sgorman1 () gmu edu>]

That is one of the reasons research is being done at universities, 
they are not answerable to FOIA's.  While the university environment 
is not the Fort Knox of security for special projects a high level of 
security and confidentiality can be ensured.  Trying to sort out 
publications is the headache.

----- Original Message -----
From: "Daniel Golding" <dgolding () yahoo com>
Date: Thursday, September 5, 2002 1:27 pm
Subject: RE: Vulnerbilities of Interconnection

> The crux of the issue are FOIA requests. The government won't make 
> thesetypes of vulnerability reports immmune to FOIA requests - 
> thus a foreign
> terrorist or home-grown "farmbelt fuhrer" could simply order up a 
> list of
> the most vulnerable sites, and select some to attack.
>
> Due to the distributed nature of the internet, and the routing 
> protocolsthat regulate it's traffic flow, there is no single point 
> of failure.
> However, we have seen how concerted attacks can be made at multiple
> locations, almost simultaneously.
>
> If the government could agree to allow this information to remain
> confidential, it would greatly expedite the process of hardening 
> appropriatefacilities, and identifying weaknesses.
>
> - Daniel Golding
>
> > Sean Donelan Said...
> >
> >
> >
> > On Thu, 5 Sep 2002 sgorman1 () gmu edu wrote:
> > > very much like to avoid doing the research in a vaccuum.  I 
> was hoping
> > > a discussion on NANOG wold be a good first step.  The project 
> is quite
> > > hot with the politicos and I very much want to make sure to best
> > > recommendations are made.  Formal industrsy cooperation is one 
> side of
> > > this, but I think a lot of information can be gained from an 
> informal> > approach as well.  Any and all feedback is greatly 
> appreciated>
> >
http://www.infosecuritymag.com/2002/sep/2002survey/voices/verylarge.sht
ml>
> > On security reporting...
> > "Since Sept. 11, state, local and federal authorities have tried 
> to get
> > their arms around the potential threats to the nation's
> > infrastructure--including the telecommunications infrastructure. 
> They have
> > asked us questions like, 'What are your 100 most vulnerable 
> places in the
> > network?'"
> >
> > "As much as we would like to help the government in its attempt 
> to help
> > us, we believe it would be counterproductive to share such 
> information> widely because if it were released, it would provide 
> a terrorist with a
> > roadmap to our key locations. Unless the government agrees that 
> it can
> > protect our information, we will continue to respectfully 
> decline such
> > blanket requests."
> >
> > Bill Smith
> > CTO and President of Interconnection Services, BellSouth