[Cryptography] Blogpost: CITAS, a new FBI security program proposal

Ray Dillinger bear at sonic.net
Tue Nov 25 11:31:01 EST 2014

On 11/24/2014 08:30 PM, grarpamp wrote:

> Security is not bringing more people onto your net or with you
> as partners, let alone biased LE. Do you let cops sleep in your
> house to protect you?

Sounds like you didn't read it.  This isn't the usual LE
proposal that everyone should buy guns, load them with bullets,
point them at their own heads and hand over the triggers.  Though
given the history I can understand why you'd stop reading after
the first sentence; that's kind of what all of them have been
up until now.

In this case, for the first time, the gun is pointed AWAY from
the people whose network it's sharing address space with; there
is no requirement that the network extend trust to the honeypot.
To the extent that the gun can be pointed at the network, it's
still got to shoot through the firewall, so it's no more
dangerous to the cooperating businesses than the guns everybody
on the whole wide Internet already has.

Trust is the destructive force that security people are quite
correctly scared of creating. A trusted system is defined as
one that will destroy you when it fails.  This is the first
proposal I've seen from any branch of the USG that doesn't
require the creation of more trusted systems, which means
the first proposal I've seen that indicates somebody out
there at least understands what security is.

