Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
You mean, kind of like Youtube, which is a Cat-atrophy of the mind? http://www.youtube.com/results?search_query=kittenssearch_type=aq=1oq =kitte -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Larry Seltzer Sent: Monday, February 01, 2010 5:29 PM To: Paul Ferguson; funsec Subject: Re: [funsec] Here We Go Again: Internet 'Drivers Licenses' A cyber war would be worse than a tsunami -- a catastrophe... Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? I see potential for sarcastic science fiction in this Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 7:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty- driv ers - -license-web-users/ Enjoy! - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLZ3aaq1pz9mNUZTMRAppsAKC6d+Us+wOtJTM3Zpad1clnH/WUFQCg/F+S iJ8ip5B1EHN6NFiGn7kN9zs= =XmFQ -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Fire Sale! Everything MUST go!!! From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Benjamin Brown Sent: Monday, February 01, 2010 6:11 PM To: Larry Seltzer Cc: funsec Subject: Re: [funsec] Here We Go Again: Internet 'Drivers Licenses' /me thinks of ghost in the shell On Mon, Feb 1, 2010 at 8:29 PM, Larry Seltzer la...@larryseltzer.com wrote: A cyber war would be worse than a tsunami -- a catastrophe... Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? I see potential for sarcastic science fiction in this Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Well, the alternative would be for Craig and his company to pay some attention to the quality of their software, but that would cost some serious money. So, much more useful for them to divert attention from the genesis of the whole problem: their OS; and let governments clean it up, all while, naturally, making the barrier to entry for competitors to his company much higher. As long as you understand that the senior execs of US Publicly traded companies parse Milton Friedman's famous dictum to suit their personal (lack of) morality: The full dictum is (their referring to the shareholders): That responsi-bility is to conduct the business in accordance with their desires, which generally will be to make as much money as possible while con-forming to the basic rules of the society, both those embodied in law and those embodied in ethical custom. Milton Friedman, New York Times Magazine, September 13, 1970 http://www.colorado.edu/studentgroups/libertarians/issues/friedman-soc-r esp-business.html Generally, they paraphrase that to be maximize shareholder value, sometimes within the limits of the Law, by which they tend to mean whatever you can get away with for a cost of lawsuit that is less than the cost of doing the right thing. You will note that Friedman had a much broader view: that they conform to the basic rules of society both those embodied in law and those embodied in ethical custom. However, you will find precious few captains of industry of the last 30 years operate on a principle more elevated than: You'll be gone, I'll be gone, I got mine. Craig Mundie is just an apologist for his Uncle Fester lookalike boss: http://www.theregister.co.uk/2001/07/13/ballmer_is_fester_and_we/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 4:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty- drivers - -license-web-users/ Enjoy! - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLZ3aaq1pz9mNUZTMRAppsAKC6d+Us+wOtJTM3Zpad1clnH/WUFQCg/F+S iJ8ip5B1EHN6NFiGn7kN9zs= =XmFQ -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
If you want to subvert the internet drivers license meme, insist that it is applications and hardware that should have the drivers license. Inform that its not a people problem, but and identity problems around applications and hardware. Use the drivers license meme as it has momentum, just divert it from people to software. -rick Tomas L. Byrnes wrote: Well, the alternative would be for Craig and his company to pay some attention to the quality of their software, but that would cost some serious money. So, much more useful for them to divert attention from the genesis of the whole problem: their OS; and let governments clean it up, all while, naturally, making the barrier to entry for competitors to his company much higher. As long as you understand that the senior execs of US Publicly traded companies parse Milton Friedman's famous dictum to suit their personal (lack of) morality: The full dictum is (their referring to the shareholders): That responsi-bility is to conduct the business in accordance with their desires, which generally will be to make as much money as possible while con-forming to the basic rules of the society, both those embodied in law and those embodied in ethical custom. Milton Friedman, New York Times Magazine, September 13, 1970 http://www.colorado.edu/studentgroups/libertarians/issues/friedman-soc-r esp-business.html Generally, they paraphrase that to be maximize shareholder value, sometimes within the limits of the Law, by which they tend to mean whatever you can get away with for a cost of lawsuit that is less than the cost of doing the right thing. You will note that Friedman had a much broader view: that they conform to the basic rules of society both those embodied in law and those embodied in ethical custom. However, you will find precious few captains of industry of the last 30 years operate on a principle more elevated than: You'll be gone, I'll be gone, I got mine. Craig Mundie is just an apologist for his Uncle Fester lookalike boss: http://www.theregister.co.uk/2001/07/13/ballmer_is_fester_and_we/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 4:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty- drivers -license-web-users/ Enjoy! - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Isn't that what the TPM was about? Didn't we all recognize that as a way to make sure OSS couldn't run on hardware without paying MS or someone in the ecosystem for signing the binary? -Original Message- From: rick wesson [mailto:r...@support-intelligence.com] Sent: Monday, February 15, 2010 8:37 PM To: Tomas L. Byrnes Cc: Paul Ferguson; funsec Subject: Re: [funsec] Here We Go Again: Internet 'Drivers Licenses' If you want to subvert the internet drivers license meme, insist that it is applications and hardware that should have the drivers license. Inform that its not a people problem, but and identity problems around applications and hardware. Use the drivers license meme as it has momentum, just divert it from people to software. -rick Tomas L. Byrnes wrote: Well, the alternative would be for Craig and his company to pay some attention to the quality of their software, but that would cost some serious money. So, much more useful for them to divert attention from the genesis of the whole problem: their OS; and let governments clean it up, all while, naturally, making the barrier to entry for competitors to his company much higher. As long as you understand that the senior execs of US Publicly traded companies parse Milton Friedman's famous dictum to suit their personal (lack of) morality: The full dictum is (their referring to the shareholders): That responsi-bility is to conduct the business in accordance with their desires, which generally will be to make as much money as possible while con-forming to the basic rules of the society, both those embodied in law and those embodied in ethical custom. Milton Friedman, New York Times Magazine, September 13, 1970 http://www.colorado.edu/studentgroups/libertarians/issues/friedman- soc-r esp-business.html Generally, they paraphrase that to be maximize shareholder value, sometimes within the limits of the Law, by which they tend to mean whatever you can get away with for a cost of lawsuit that is less than the cost of doing the right thing. You will note that Friedman had a much broader view: that they conform to the basic rules of society both those embodied in law and those embodied in ethical custom. However, you will find precious few captains of industry of the last 30 years operate on a principle more elevated than: You'll be gone, I'll be gone, I got mine. Craig Mundie is just an apologist for his Uncle Fester lookalike boss: http://www.theregister.co.uk/2001/07/13/ballmer_is_fester_and_we/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec- boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 4:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty- drivers -license-web-users/ Enjoy! - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
I'd love to see this put in place for corporations: ... He also called for a driver's license for internet users. If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance. Consider the case of PayChoice, a New Jersey (US) company which handles payroll, issues debit cards on paydays, etc. Three data breaches in recent history, with two in one month [1]. They have clearly demonstrated an *inability* to protect data. Its synonymous with driving drunk on the information super highway. Folks like PayChoice should lose their ability to use computers. Fortunately for the rest of the computing world, PayChoice suffered 'sophisticated attacks' while others presumably suffered unsophisticated attacks. And good news for those who had their PII swiped: there was no indication that its been used. [1] PayChoice Suffers Another Data Breach http://voices.washingtonpost.com/securityfix/2009/10/paychoice_suffers_another_data.html On Mon, Feb 1, 2010 at 7:49 PM, Paul Ferguson fergdawgs...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-drivers - -license-web-users/ Enjoy! - - ferg [SNIP] ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Paul Ferguson wrote: The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-drivers - -license-web-users/ ### Andre Kudelski, chairman of Kudelski Group, said that a new internet might have to be created forcing people to have two computers that cannot connect and pass on viruses. One internet for secure operations and one internet for freedom. ### ...BWWAHAHAhahahahahaa.. ::gasp:: BWWAHAHAHahahahah.. now THAT was funny! These people get *paid* to do this?! ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
On Mon, 01 Feb 2010 16:49:48 PST, Paul Ferguson said: The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-drivers-license-web-users/ Real driver's licenses only work because there aren't 140 million joy riders on the road every day, driving around with perfectly forged licenses. Of course, Mundie would like to gloss over his company's role in that little detail. pgplmxnxgkaUz.pgp Description: PGP signature ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
On Tue, 02 Feb 2010 07:06:14 EST, Dave Paris said: Andre Kudelski, chairman of Kudelski Group, said that a new internet might have to be created forcing people to have two computers that cannot connect and pass on viruses. One internet for secure operations and one internet for freedom. ### ...BWWAHAHAhahahahahaa.. ::gasp:: BWWAHAHAHahahahah.. now THAT was funny! These people get *paid* to do this?! Actually, there are large segments of the US government where people *do* have two computers on their desk. Of course, in their world, they get to have two separate data pipes as well. *THAT* part ain't gonna happen anytime soon. pgpKeUyYw7E8v.pgp Description: PGP signature ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Here We Go Again: Internet 'Drivers Licenses'
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-drivers - -license-web-users/ Enjoy! - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLZ3aaq1pz9mNUZTMRAppsAKC6d+Us+wOtJTM3Zpad1clnH/WUFQCg/F+S iJ8ip5B1EHN6NFiGn7kN9zs= =XmFQ -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
A cyber war would be worse than a tsunami -- a catastrophe... Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? I see potential for sarcastic science fiction in this Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 7:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-driv ers - -license-web-users/ Enjoy! - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLZ3aaq1pz9mNUZTMRAppsAKC6d+Us+wOtJTM3Zpad1clnH/WUFQCg/F+S iJ8ip5B1EHN6NFiGn7kN9zs= =XmFQ -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
I believe a Star Trek TOS episode covered cyberwar. We would simply have to have all the calculated victims enter disintegration chambers. On 2/1/2010 6:29 PM, Larry Seltzer wrote: A cyber war would be worse than a tsunami -- a catastrophe... Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? I see potential for sarcastic science fiction in this Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ -Original Message- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson Sent: Monday, February 01, 2010 7:50 PM To: funsec Subject: [funsec] Here We Go Again: Internet 'Drivers Licenses' -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The meme that seemingly will not die -- Craig Mundie, chief research and strategy officer for Microsoft, mentions it again: http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-driv ers - -license-web-users/ Enjoy! - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLZ3aaq1pz9mNUZTMRAppsAKC6d+Us+wOtJTM3Zpad1clnH/WUFQCg/F+S iJ8ip5B1EHN6NFiGn7kN9zs= =XmFQ -END PGP SIGNATURE- -- Daniel Otis d...@moosoft.com http://www.moosoft.com MooSoft Development LLC ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
/me thinks of ghost in the shell On Mon, Feb 1, 2010 at 8:29 PM, Larry Seltzer la...@larryseltzer.comwrote: A cyber war would be worse than a tsunami -- a catastrophe... Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? I see potential for sarcastic science fiction in this Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Date sent: Mon, 01 Feb 2010 16:49:48 -0800 From: Paul Ferguson fergdawgs...@gmail.com http://rawstory.com/2010/01/agency-calls-global-cyberwarfare-treaty-drivers - -license-web-users/ Now, while the War Office has not yet ascertained what qualifications are indeed necessary to fly an ... er ... aeroplane, we must see to it that all candidates possess the necessary qualifications, should the War Office ever decide what those qualifications are. Do you understand that, Bishop? - Sir Hugh Cecil in `Billy Bishop Goes to War' by John Gray == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Those who do not learn from computer history tend to repackage it - Slade's Law of Computer `Progress' victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/NoticeBored http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
Wow, and the 2004 Indian Ocean tsunami killed (re: Wikipedia) almost 230,000 people. How many millions would die in a cyberwar? Depends on what gets hit. Take over the SCADA for New York City's utilities, especially at this time of year, and you could kill a substantial fraction of the city. Over 230K would not surprise me. Of course, the hard part would be keeping it doing what you want; I don't know to what extent it would be possible to switch back to manual control for the most essential services, and whether it could be done fast enough. And, of course, on whether you could reach them at all. I don't know how intelligently they are secured, but I'm pessimistic. All it takes is one slip-up, and governments have a poor track record at listening to the people who actually know how to do that kind of thing right /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTMLmo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Here We Go Again: Internet 'Drivers Licenses'
On Mon, 1 Feb 2010, Benjamin Brown wrote: /me thinks of ghost in the shell http://www.xkcd.com/686/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
