nanog mailing list archives

Re: The Backhoe: A Real Cyberthreat?

From: sgorman1 () gmu edu
Date: Thu, 19 Jan 2006 16:28:54 -0500



Agree that a level of security is required, but the real value is in customers like banks knowing where their fiber is, 
so when they lease service for a back up provider they know it is not in the same ditch.

The article attribute the pro regulation quote to me, but actually it was out of context.  I was proposing that you 
need an anonymous secure data pool that cusomers could qery to see what providers for a set of buildings are diverse. 
The mathematics to do the diversity optimization are available just an issue of data. 

----- Original Message -----
From: Jeff Shultz <jeffshultz () wvi com>
Date: Thursday, January 19, 2006 3:42 pm
Subject: Re: The Backhoe: A Real Cyberthreat?


Jerry Pasker wrote:

While it is always fun to call the government stupid, or anyone

else

for that matter, there is a little more to the story.

- For one you do not need a backhoe to cut fiber
- Two, fiber carries a lot more than Internet traffic - cell

phone,

911, financial tranactions, etc. etc.
- Three, while it is very unlikely terrorists would only attack 
telecom infrastructure, a case can be made for a telecom attack

that

amplifies a primary conventional attack.  The loss of

communications

would complicate things quite a bit.

I'll agree it is very far fethced you could hatch an attack

plan from

FCC outage reports, but I would not call worrying about attacks

on

telecommunications infrastructure stupid.  Enough sobriety

though,

please return to the flaming.


I agree with you on all points except the one you didn't make.

:-)


The point is:  What's more damaging?  Being open with the maps

to

EVERYONE can see where the problem areas are so they can design

around

them? (or chose not to) or pulling the maps, and reports, and

sticking

our heads in the sand, and hoping that security through

obscurity works.


The people who have the problem areas should already know about 
them and 
 be designing around them. I'm sure that Sprint, for example, 
knows 
very well where backhoes have gone through it's fiber. Although it 
sounds like they may not know where all their fiber is... <sigh>

Joe Schmuck down on 2nd Street doesn't need to know about the 
problem 
areas and his input would likely be unwelcome.

And no security or amount of redundancy is likely to be perfect - 
and 
these companies are in business to make money after all.

Obscurity is not the entire answer. But it should be part of it.

-- 
Jeff Shultz

Current thread:

Re: The Backhoe: A Real Cyberthreat?, (continued)
- - Re: The Backhoe: A Real Cyberthreat? Robert Boyle (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Randy Whitney (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Michael . Dillon (Jan 20)
    - Re: The Backhoe: A Real Cyberthreat? sgorman1 (Jan 20)
  - Re: The Backhoe: A Real Cyberthreat? sgorman1 (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Micheal Patterson (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Jerry Pasker (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Jim Popovitch (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Robert E . Seastrom (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Jeff Shultz (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? sgorman1 (Jan 19)
    - cyber-redundancy Sean Donelan (Jan 19)
    - Re: cyber-redundancy sgorman1 (Jan 19)
    - Re: cyber-redundancy Martin Hannigan (Jan 19)
    - Re: The Backhoe: A Real Cyberthreat? Daniel Golding (Jan 19)
- Re: The Backhoe: A Real Cyberthreat? Frank Coluccio (Jan 20)
  - Re: The Backhoe: A Real Cyberthreat? sgorman1 (Jan 20)
- RE: The Backhoe: A Real Cyberthreat? Wallace Keith (Jan 20)
  - Re: The Backhoe: A Real Cyberthreat? Martin Hannigan (Jan 21)
    - Re: The Backhoe: A Real Cyberthreat? Michael . Dillon (Jan 23)
- RE: The Backhoe: A Real Cyberthreat? Church, Chuck (Jan 21)

(Thread continues...)