BTW, for those just reading this, nothing I'm saying is classified and could be read from multiple open sources.
Take a CISSP class and you will get far better and more current information than I can provide. On Wed, Apr 25, 2012 at 9:08 PM, LRS Scout <[email protected]> wrote: > Agreed about the impact of the law, don't see how it will help. Data > mining against U.S. citizens seems to be all this will enable. It's all > ready being done, and at large scale, but this will only increase that and > codify it into law. think total information awareness writ large. > > As to your second statement, well should you discover the exploit, you > could honey pot it, use it for false flag or doubling operations. > > > On Wed, Apr 25, 2012 at 9:03 PM, Dana <[email protected]> wrote: > >> >> don't tell me anything you shouldn't. I have no desire to talk to the >> Men in Black either. >> >> It's just that in this context.... ummmmm. I was going to say won't >> they notice if you remedy the breach but nm, in many cases there would >> be things you could do. Assuming the other side isn't sophisticated >> enough to detect those things. Hmm. Still don't quite see how this law >> would do anything good in this context. >> >> On Wed, Apr 25, 2012 at 5:50 PM, LRS Scout <[email protected]> wrote: >> > >> > It's not just human sources. >> > >> > You don't want to reveal methods and capabilities. If you reveal a >> SIGINT >> > capability than the notional "enemy" will change their TTPs (tactics, >> > techniques and procedures), and you have closed a potential source. >> > >> > Additionally you wouldn't want a vulnerability to be open sourced until >> > your own systems have been patched, otherwise you potentially expose >> your >> > self to further attacks from multiple directions. >> > >> > I don't feel comfortable talking about anything operational or >> tactical. I >> > still could be prosecuted. >> > >> > Let's keep things general :) >> > >> > On Wed, Apr 25, 2012 at 8:26 PM, Dana <[email protected]> wrote: >> > >> >> >> >> by the way, if you can comment on what sort of cybersecurity threat >> >> might be classified I'd be interested. I would think that detection >> >> usually happens at the hardware and software level, and that there >> >> would not be the concern about protecting an informant or an agent >> >> that you might have in other situations. Or, because of course I don't >> >> actually know that, supposing there were such people, how pointing out >> >> a threat would endanger them. Considering the state of network >> >> security, I'd suspect that there's little point in worrying about >> >> anything exotic enough to be identifiable until really basic problems >> >> like default passwords are resolved.... >> >> >> >> >> >> >> >> On Wed, Apr 25, 2012 at 4:55 PM, LRS Scout <[email protected]> wrote: >> >> > >> >> > Agreed. >> >> > >> >> > I mean, we were working China stuff when I was at OSAC (2002-2005), >> as >> >> well >> >> > as Pakistan, Lebanon, Brazil and others. We got by just fine on the >> >> > available information from both open and classified sources >> (scrubbing >> >> > classified intelligence for distribution to American companies >> operating >> >> > abroad being part of OSACs primary mission). >> >> > >> >> > The major reason things are supposed to be classified is the fear of >> >> > releasing information that will reveal sources and methods. This is >> a >> >> very >> >> > real concern. There are people out there on the sharp end gathering >> this >> >> > information that do not have diplomatic covers to hide behind, and >> would >> >> be >> >> > very dead should they be discovered. >> >> > >> >> > Also, China has a very real impact on U.S. intellectual property and >> >> > business in general. They copy everything and manufacture it >> without any >> >> > royalties, often even beating import restrictions and tariffs. >> >> > >> >> > It's a tough situation, but I really don't thin that this bill is >> going >> >> to >> >> > help that situation, only further shred whatever privacy we as >> >> individuals >> >> > still retain. >> >> > >> >> > On Wed, Apr 25, 2012 at 7:39 PM, Dana <[email protected]> >> wrote: >> >> > >> >> >> >> >> >> the new NSA data center has everything to do with this. They will >> need >> >> >> the capacity. >> >> >> >> >> >> This is not about China, though. >> >> >> >> >> >> D >> >> >> >> >> >> On Wed, Apr 25, 2012 at 4:34 PM, LRS Scout <[email protected]> >> wrote: >> >> >> > >> >> >> > He also said he'd veto the NDAA, and we see how that turned out. >> >> >> > >> >> >> > FISA, NDAA, NDRP, Patriot Act, it goes on and on with these >> people. >> >> >> > >> >> >> > I really hope that we as Americans can get our shit together and >> >> change >> >> >> > things electorally, but I don't see that happening. >> >> >> > >> >> >> > People are more interested in Dancing with the Stars and Jersey >> Shore. >> >> >> > >> >> >> > There is also a bill floating around to allow the IRS to deny you >> your >> >> >> 2nd >> >> >> > amendment rights, and your right to travel (through denying you a >> >> >> passport) >> >> >> > even when not convicted of anything. >> >> >> > >> >> >> > Plus the new NSA data center in Utah. >> >> >> > >> >> >> > Interesting times. >> >> >> > >> >> >> > On Wed, Apr 25, 2012 at 7:27 PM, Dana <[email protected]> >> wrote: >> >> >> > >> >> >> >> >> >> >> >> thank you! that means a lot coming from you. >> >> >> >> >> >> >> >> I should add that Obama has threatened to veto this legislation >> if it >> >> >> >> gets to his desk in its present form, but it will not get to his >> desk >> >> >> >> in its present form. A whole bunch more amendments were just >> proposed >> >> >> >> today so it's anybody's guess what the bill currently says. Note >> -- >> >> >> >> none of the amendments address the "notwithstanding all other >> law" >> >> >> >> language apparently, and according to CNET some of them make the >> bill >> >> >> >> even worse. >> >> >> >> >> >> >> >> I almost feel like chicken little saying the sky is falling this >> soon >> >> >> >> again after SOPA, but it really is bad stuff. If the intent is >> not to >> >> >> >> impinge on privacy, why retain language that says it's ok to do >> so? >> >> >> >> >> >> >> >> Remember all that fuss over warrantless wiretaps a few years ago? >> >> They >> >> >> >> wouldn't have to worry about warrants any more. And the stated >> >> >> >> rationale -- Chinese hackers -- would not be affected by the >> >> >> >> provisions of this bill. >> >> >> >> >> >> >> >> On Wed, Apr 25, 2012 at 4:13 PM, LRS Scout <[email protected]> >> >> wrote: >> >> >> >> >> >> >> >> > Good article Dana, thanks. >> >> >> >> > >> >> >> >> > On Wed, Apr 25, 2012 at 4:17 PM, Dana <[email protected]> >> >> wrote: >> >> >> >> > >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> http://www.fusionauthority.com/news/4841-threat-to-fourth-amendment-surfacing-in-congress.htm >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> >> >> >> > >> >> >> >> >> >> >> >> >> >> >> > >> >> >> > >> >> >> >> >> >> >> >> > >> >> > >> >> >> >> >> > >> > >> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:350255 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
