[Dshield] DHS wants to silence reporting of network outages -- DSHIELD next?
ed.truitt at etee2k.net
Fri Jun 25 02:51:00 GMT 2004
I decided to just put my remarks inline with Jon's.
My point: While I will weigh in on the side of not suppressing
knowledge, I do think the DHS has a point -- there are times when full
disclosure is *not* advisable -- for example, when the police withold
certain information about a crime from the public, as a means of testign
the veracity of someone who might wish to confess. No way the DHS is
going to keep a lid on every aspect of an Internet service outage, as
there are plenty of folks who test the "state of the Internet". But, do
we *really* need to know all the details about why AOL or InterNAP went
down? Is not the fact that we had a delay, and were able / not able to
work around it, enough? According to the report, the details weren't
being suppressed -- they were just being routed to those who could make
best use of the information. DHS or no DHS, if my ISP has an outage,
I'll know about it.
Jon R. Kibler wrote:
>What is next in our government's continuing expansion of paranoia?
A pre-emptive strike against Martian terrorists (the new "red scare")?
> - Will they next try to silence dshield.org and incidents.org's reporting of port scans because it may give terrorists some idea if their scans are being detected?
Probably not, though they might wish that the data were not made
public. However, similar data is already available from commercial
sources -- and AQ seems to have enough money they could afford to
subscribe to the commercial services. So, I suspect they will ban
queues to the loo on commercial airlines first... oops, done that.
Of course, if they do try it, then Johannes could always relocate
dshield.org, and host it on some island in the Bahamas. In which case,
Johannes, I want to volunteer for server maintenance duty -- expenses
paid, of course ;-)
> - How about suppressing discussions of security problems on BugTraq, DShield, SANS, SecurityFocus, and other forums because it may give terrorists ideas on what exploits work best?
If I recall, some vendors have been pushing a "responsible disclosure"
model, under the assumption that it would deny information on vulns and
exploits to the "bad guys". Same paradigm applies here. I don't think
any attempts to suppress such discussion would be effective over the
long haul, however -- people (including people in Big Influential
Organizations) need this information to help protect themselves.
>Where will it end?
The good news: It probably won't. The bad news: it probably won't.
>It really sickens me how our civil liberties are being eroded day by day under the guise of "national security." I would rather be a lot less secure and much more free!
Not just "National" security -- and not just in the USA, either. The
"authorities", whereever they may be, are tasked with ensuring security,
which is best accomplished when they have complete control of the
situation / environment. That is why they have certain procedures -- to
assert the fact that they are in control. Also, they have a need to *do
something* -- anything -- and this tends to lead to some pretty funny
(bizarre) ideas. We know (or at least some of us suspect) that
suppressing knowledge won't make the world (whether in meatspace or
cyberspace) a more secure place, though it will make the authorities
feel better about themselves. Despite the best efforts of the "control
freaks", the WWW is still a pretty free place, speech-wise.
>Maybe we should all have a Fahrenheit 9/11 party?
It should probably be a "Celsius 911" party, to protect Ray Bradbury's
Intellecutal Property rights. And, it should consist of everyone
submitting logs to DShield every 30 minutes, to see if we can bring down
Johannes' shiny new server. Remember, he asked for it ;-)
Of course, if we want to do something *constructive* (other than trying
to DoS dshield.org by submitting lots of logs), maybe we could teach a
course / hold a seminar in PC Security at our local Continuing Education
Center, or write an op-ed piece for the local newspaper, or do something
to get our point of view (in a non-political way might be best) in front
of the public. After all, those authorities do tend to listen (some
more than others) to their constituents.
PGP fingerprint: 5368 D25E 468C A250 9833 CCD6 DBAE 9C25 02F9 0AB9
"Note to spammers: my 'delete' key is connected to YOUR ISP.
Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."
More information about the list