Re: U.S. spy agencies ... email for cybersecurity

[shawn wilson <ag4ve.us () gmail com>]

On Mon, Jul 9, 2012 at 11:22 PM, Christopher Morrow
<morrowc.lists () gmail com> wrote:


> > But to help protect the private sector, he said it was important that the
> > intelligence agency be able to inform them about the type of malicious
>
> translated: "Hey, what if we could tell our private sector partners
> (Lockheed-Martin, for instance) that they should be on the lookout for
> things like X, or traffic destined to Y, or people sending all their
> DNS queries to these 5 netblocks." (dcwg.org sorta crap)

or, lets take a real example - rsa gets compromised and a third of the
authentication tons (most?) of government agencies were using is all
of a sudden vulnerable (possibly more than that if you consider that
rsa could've lost classified technology). rsa has to realize the
threat and can take their time to disclose what they want to disclose.

i think if i were in the power to fix that, i would *try* :) ie, i
highly doubt a massively scaled system has a chance at detecting most
apt.

also, i don't really like the idea that someone might be monitoring my
activities (who watches the watchers). however, if i were in the
position of acquiring data about threats, i think i'd try to suck in
as much data as i had the processing power to manage.