Help!

Pointer, Public Policy issue - from Bill Stearns

  
  
Post new topic   General Reply to Topic (not reply to a specific post)    Forums Home -> Security RSS
Next:  wireless MAC record-keeping for URLs  
Author Message
responder
External


Since: Jun 02, 2006
Posts: 107
PostPosted: Thu Jun 14, 2007 3:29 am    Post subject: Pointer, Public Policy issue - from Bill Stearns
Archived from groups: comp>os>linux>security (more info?)
Too good to miss...

If you're not reading http://isc.sans.org/diary.html , you should be every
day. It is posted blog style and archived, so the page I see now may be
different when you view it later. The linked pdf has the message. Here
is Bill's posting from the sans site:

Office of Cyber Public Health?
Published: 2007-06-14,
Last Updated: 2007-06-14 05:02:03 UTC
by William Stearns (Version: 1)

Joe St. Sauver, security and spam researcher at the University of
Oregon, points out that botnets are a symptom; the cause is infected
systems. We can't clean up the bots without cleaning up the infected
systems first.

His paper for the Anti-Phishing Working Group is here
http://www.uoregon.edu/~joe/ecrime-summit/ecrime-summit.pdf

As you read it, ask yourself these questions. If you think his proposal
wouldn't work, what would you recommend instead? Would your proposal be
more likely to succeed? Why?

-- Bill
Back to top
responder
External


Since: Jun 02, 2006
Posts: 107
PostPosted: Sun Aug 05, 2007 11:21 pm    Post subject: Re: Pointer, Public Policy issue - from Bill Stearns [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
jayjwa wrote:

[...]

> The hardest part of a solution like this would likely be attaching a cost
> to the abuse. Maybe it needs to a sue-able offense? Maybe there needs to
> be a few basic laws created, or old ones updated for the Internet of
> today? I'm not sure; but I garantee that it's better and less restrictive
> than turning the whole thing over to the government.

The bulk of what I trimmed is a good and intelligent suggestion. The
problem is that there is no tasked group to pursue and implement punitive
sanctions against abusers, just as there is apparently no organized
consensus of the need to do so.

While we lived long before without internet, it has quickly become an
indispensable part of essential infrastructure. I do share your aversion
to total government control. Development of consensus alternatives needs
community discussion and involvement.

Those who think this need not be a personal concern to them are in denial.
Thanks for your intelligent consideration and thanks for writing. I will
continue to try to read and answer as I am able, should you or others
continue the discussion.

To those whose own news servers do not carry the original messages in this
thread, I would suggest google groups (groups.google.com).
Back to top
Display posts from previous:   
Post new topic   General Reply to Topic (not reply to a specific post)    Forums Home -> Security All times are: Eastern Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum