NSP-SEC

[Guillaume FORTAINE <gfortaine () live com>]

Misses, Misters,

I would want to inform you that the security of the Internet, that is 
discussed in the NSP-SEC mailing-list [0] by a selected group of vendors 
(Cisco, Juniper & Arbor) [1] and operations contacts of the big ISPs [2] :


1) applies the "Security through Obscurity" paradigm that has been 
proven inefficient [3]. To quote [4] :

"Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security 
counter-measures."

First question : Why was I able to find this mail on the Internet if it 
should be kept secret ?


2) includes [5]

a) Spammers (Rodney Joffe) [6] [7]

b) Freelancers (Gadi Evron) [8] [9]

Second question : Do you still ask yourself why the Internet is so 
insecure ? [10]


Best Regards,

Guillaume FORTAINE

[0] http://puck.nether.net/mailman/listinfo/nsp-security
[1] http://www.confickerworkinggroup.org/wiki/pmwiki.php/SP/ServiceProviders
[2] 
http://docs.google.com/viewer?url=http://www.cisco.com/web/ME/exposaudi2009/assets/docs/isp_security_routing_and_switching.pdf
[3] http://en.wikipedia.org/wiki/Security_through_obscurity
[4]
http://lists.ausnog.net/pipermail/ausnog/2007-April/000397.html
[5]
http://www.google.com/search?hl=en&source=hp&q="nsp-sec"+site:mailman.nanog.org&aq=f&aqi=&aql=&oq=&gs_rfai=&esrch=FT1
[6] http://mailman.nanog.org/pipermail/nanog/2008-October/004724.html
[7] http://www.iadl.org/RodneyJoffe/rodneyjoffe.html
[8] http://mailman.nanog.org/pipermail/nanog/2009-November/015354.html
[9] http://il.linkedin.com/in/gadievron
[10] http://caislab.kaist.ac.kr/77ddos/