North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: The Backhoe: A Real Cyberthreat?
- From: Robert E.Seastrom
- Date: Thu Jan 19 16:45:29 2006
Jim Popovitch <firstname.lastname@example.org> writes:
> Jerry Pasker wrote:
>> The point is: What's more damaging? Being open with the maps to
>> EVERYONE can see where the problem areas are so they can design
>> around them? (or chose not to) or pulling the maps, and reports, and
>> sticking our heads in the sand, and hoping that security through
>> obscurity works.
> Let's look at this from another point of view: Should we remove all
> keylocks from backhoes so that everyone can have access to them? :-)
This analogy is faulty, but illuminating insofar as it illustrates the
fallacy of putting up low bars to access that don't actually stop
people who're willing to put a little bit of effort into beating it.
Keylocks only work when your threat model is drunk fratboys or bored
teenagers (which is not necessary a disjoint set). They aren't a
significant part of the threat model for intentional fiber cuts.
Any John Deere dealer will be able to supply you with a key that
operates the vast majority of John Deere equipment of a certain type.
Anyone who can plan ahead enough to order from eBay is in like Flynn.
> I'm all for openness, but sometimes some things only need to be accessed
> and used by the professionals that need those things. I fully trust
> that the big network operators, the ones that really really do need
> this data, have all the info they need to plan their network
> expansions, etc. I don't need to see this data, even though I might
> want to.
Then don't look at it. :)