nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Destructive botnet originating from Japan

From: Gadi Evron <ge () linuxbox org>
Date: Sun, 25 Dec 2005 05:12:18 -0600 (CST)

On Sun, 25 Dec 2005, Richard A Steenbergen wrote:

On Sun, Dec 25, 2005 at 02:06:38AM -0600, Gadi Evron wrote:


It is difficult to hear something important that one invested much in is
doing harm, but that is the only conclusion I and others can come up with
after years of study, and NSP-SEC, as amazing as it has been, has been of
a negative impact other than to cause a community to form and act
together. Which is amazing by itself and which is why I believe it
can do so much more.. even if it is relatively young it has proven
itself time and time again... I am straying from the subject here.


Could have told you that a long time ago. NSP-SEC became useless the day 
it became so bogged down in its own self-aggrandizing paranoia that no one 
could possibly be bothered to actually tell anyone outside of the secret 
handshake club about security issues they've spotted.

On the other hand, if you ARE going to sit around pissing and moaning 
about botnets you are too "sekure" to tell anyone else about, thus 
assuring they never get fixed, at least it's nice to do it in one secret 
place so I don't have to hear it. :)



There is a lot to be said of NSP-SEC which is positive, not much which is 
negative. I am not sure where we would be today if not for NSP-SEC.
Further, I believe that:
1. In today's world secret-handshake clubs for all-white all-rich
all-christians are neccesary for our security.
2. Much of what is being kept secret is silly, for the Bad Guys have that 
information and the Good Guys fight day and night to try and grab a bit
of it.

In my opinion working with other communities and industries, as long as
security can be maintained in a vetted enviroment is critical. That said,
it has always been my goal to make public as much data as *possible*.

As to NSP-SEC, it is off-topic for this list to discuss NSP-SEC policies
and people here should be thankful it is there. NSP-SEC officials can
reply if they like, but I doubt they will bother as they as well as the
rest of us know what they are worth.

As to their arrogance... I believe it is ignorance (!- stupidity) of the
harm they cause and I will probably get flamed for saying this as I really
hold them in an extremely high regard.. but that is how I and everyone else who has worked
on botnets beyond network opeations that I know personally and discussed
this with will call it.

        Gadi
Previous By Date Next
Previous By Thread Next

Current thread: