Re: The CIA mentions us
Rich Kulawiec <rsk@gsp.org> Sun, 12 March 2017 12:47 UTC
Return-Path: <rsk@gsp.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC2AB128DF6 for <ietf@ietfa.amsl.com>; Sun, 12 Mar 2017 05:47:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NCBtGUP0HjL2 for <ietf@ietfa.amsl.com>; Sun, 12 Mar 2017 05:47:22 -0700 (PDT)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31B65128824 for <ietf@ietf.org>; Sun, 12 Mar 2017 05:47:21 -0700 (PDT)
Received: from gsp.org (localhost [127.0.0.1]) by taos.firemountain.net (8.15.1/8.14.9) with SMTP id v2CClKGo032086 for <ietf@ietf.org>; Sun, 12 Mar 2017 08:47:20 -0400 (EDT)
Date: Sun, 12 Mar 2017 08:47:20 -0400
From: Rich Kulawiec <rsk@gsp.org>
To: IETF Discussion Mailing List <ietf@ietf.org>
Subject: Re: The CIA mentions us
Message-ID: <20170312124720.GA13596@gsp.org>
References: <20170307155346.fwhhpnsm4wl6zzoo@nic.fr> <CAMm+Lwh5E-NPXsVWQpK2tA8Rr+6SpvJJKxMbiks7_F1umxz2FQ@mail.gmail.com> <20170307160840.duv7wwg5sm23nrek@nic.fr> <44d06f90-0f38-f6de-8eb1-cf8262369cd5@bogus.com> <c6df6333-1a08-aa0c-c1de-55d335234f2a@si6networks.com> <alpine.LRH.2.01.1703071034050.3764@egate.xpasc.com> <CAMm+LwioHOJxDZudH8Ya9SYv5DT1fPMJ5ypDR8O5JGa4HwxPvg@mail.gmail.com> <F950C538-05E4-451B-8AC0-A42010DAA8D6@piuha.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <F950C538-05E4-451B-8AC0-A42010DAA8D6@piuha.net>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/Yns14MMK9A53mJPLNBp8VFLoNaY>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Mar 2017 12:47:23 -0000
On Thu, Mar 09, 2017 at 10:36:07PM +0200, Jari Arkko wrote: > 2. There is no such thing as privileged access to the good guys. It > will leak / break / be shared. > > 3. Secretly held vulnerabilities make us all less safe. Two points: A) Worth noting (h/t to Richard Forno): Rand: The Life and Times of Zero-Day Vulnerabilities and Their Exploits http://www.rand.org/pubs/research_reports/RR1751.html The key findings are highly illuminating -- particularly the observation that the median time -- the *median* time -- to develop an exploit for a zero-day vulnerability is 22 days. B) What one government knows, another will know soon. There are enormous resources available for this task and vulnerability information, unlike some other forms of intelligence, can be immediately used with plausible deniability and without attribution. ---rsk
- The CIA mentions us Stephane Bortzmeyer
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Stephane Bortzmeyer
- Re: The CIA mentions us joel jaeggli
- Re: The CIA mentions us Fernando Gont
- Re: The CIA mentions us David Morris
- Re: The CIA mentions us Fernando Gont
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Jari Arkko
- Re: The CIA mentions us John C Klensin
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Vinayak Hegde
- Re: The CIA mentions us willi uebelherr
- Re: The CIA mentions us Michael Richardson
- Re: The CIA mentions us Dave Cridland
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us Jari Arkko
- Re: The CIA mentions us Ted Lemon
- Re: The CIA mentions us Bob Hinden
- Re: The CIA mentions us Jari Arkko
- Re: The CIA mentions us Stephen Farrell
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us joel jaeggli
- Re: The CIA mentions us Rich Kulawiec
- Re: The CIA mentions us Ted Lemon
- Re: The CIA mentions us Phillip Hallam-Baker
- Re: The CIA mentions us willi uebelherr
- Re: The CIA mentions us Yoav Nir
- Re: The CIA mentions us willi uebelherr
- RE: The CIA mentions us Tony Hain