nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSP-SEC - should read Integrity

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Fri, 19 Mar 2010 10:12:58 -0400
On Mar 19, 2010, at 9:56 AM, bmanning () vacation karoshi com wrote:

On Fri, Mar 19, 2010 at 08:44:29AM -0500, William Pitcock wrote:

On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:

An ongoing area of work is to build better closed,
trusted communities without leaks. 


Have you ever considered that public transparency might not be a bad
thing?  This seems to be the plight of many security people, that they
have to be 100% secretive in everything they do, which is total
bullshit.

      
      I thnk I'd settle for operators with Integrity. those who do what 
      they say. 


If we had that, no secrecy would be needed.

But anyone who thinks publishing everything we learn about the miscreants is a Good Idea, has never tried to take out a 
botnet or snow-shoe spammer or ....

Secrecy sucks.  If you think those keeping secrets enjoy it[*], you just haven't been bored to tears by working one of 
these issues.  Seriously, most of the work is mind numbingly horrible, and I have nothing but the utmost respect for 
people who do it on a regular basis. (In case it is not clear, I do not have to do it often, and for that I think 
whatever ghods there may be.)

Put another way: Do not dis those that make the Internet safer for you.  They spend time, effort, and money - 
frequently their own - and risk much more (ever been sued by a spammer?).  In return, they often get nothing.  Before 
you question (and to be clear, I am not saying you should not question), offer to help and see things from their side.

-- 
TTFN,
patrick

[*] I'm sure there are a few who get off on the thrill.  But that's the exception, not the rule.
Previous By Date Next
Previous By Thread Next

Current thread: