Security Matters: Vigilantism Is a Poor Response to Cyber Attack

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A very good read.

Bruce Schneier:

[snip]

Last month Marine General James Cartwright told the House Armed Services
Committee that the best cyber defense is a good offense.

As reported in Federal Computer Week, Cartwright said: "History teaches us
that a purely defensive posture poses significant risks," and that if "we
apply the principle of warfare to the cyberdomain, as we do to sea, air and
land, we realize the defense of the nation is better served by capabilities
enabling us to take the fight to our adversaries, when necessary, to deter
actions detrimental to our interests."

The general isn't alone. In 2003, the entertainment industry tried to get a
law passed giving them the right to attack any computer suspected of
distributing copyrighted material. And there probably isn't a sys-admin in
the world who doesn't want to strike back at computers that are blindly and
repeatedly attacking their networks.

Of course, the general is correct. But his reasoning illustrates perfectly
why peacetime and wartime are different, and why generals don't make good
police chiefs.

[snip]

More:
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/s
ecuritymatter_0405

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)

wj8DBQFGFJVsq1pz9mNUZTMRArRhAKCzHtsQy+l2CL7A7vZs7cb5d4u1RgCeI44Z
ecH2jlwK1ii60p4+kWBbqPA=
=DsL1
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.