North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Destructive botnet originating from Japan
- From: Gadi Evron
- Date: Sun Dec 25 06:13:33 2005
On Sun, 25 Dec 2005, Richard A Steenbergen wrote:
> On Sun, Dec 25, 2005 at 02:06:38AM -0600, Gadi Evron wrote:
> > It is difficult to hear something important that one invested much in is
> > doing harm, but that is the only conclusion I and others can come up with
> > after years of study, and NSP-SEC, as amazing as it has been, has been of
> > a negative impact other than to cause a community to form and act
> > together. Which is amazing by itself and which is why I believe it
> > can do so much more.. even if it is relatively young it has proven
> > itself time and time again... I am straying from the subject here.
> Could have told you that a long time ago. NSP-SEC became useless the day
> it became so bogged down in its own self-aggrandizing paranoia that no one
> could possibly be bothered to actually tell anyone outside of the secret
> handshake club about security issues they've spotted.
> On the other hand, if you ARE going to sit around pissing and moaning
> about botnets you are too "sekure" to tell anyone else about, thus
> assuring they never get fixed, at least it's nice to do it in one secret
> place so I don't have to hear it. :)
There is a lot to be said of NSP-SEC which is positive, not much which is
negative. I am not sure where we would be today if not for NSP-SEC.
Further, I believe that:
1. In today's world secret-handshake clubs for all-white all-rich
all-christians are neccesary for our security.
2. Much of what is being kept secret is silly, for the Bad Guys have that
information and the Good Guys fight day and night to try and grab a bit
In my opinion working with other communities and industries, as long as
security can be maintained in a vetted enviroment is critical. That said,
it has always been my goal to make public as much data as *possible*.
As to NSP-SEC, it is off-topic for this list to discuss NSP-SEC policies
and people here should be thankful it is there. NSP-SEC officials can
reply if they like, but I doubt they will bother as they as well as the
rest of us know what they are worth.
As to their arrogance... I believe it is ignorance (!- stupidity) of the
harm they cause and I will probably get flamed for saying this as I really
hold them in an extremely high regard.. but that is how I and everyone else who has worked
on botnets beyond network opeations that I know personally and discussed
this with will call it.