Re: [LINK] Australian CyberWarfare Battalion
On 06/08/13 09:49, Karl Auer wrote: You are seriously proposing inserting paramilitary Government spies into civilian enterprises ... I suppose it would at least be in the open. ... Yes, that is the idea. Rather than having a few anonymous people in a remote government building who you hope are protecting your interests, these would be work colleagues you see every day. Do these people report to HQ first, or to their host organisation first? ... The reserve military personnel would doing their day job most of the time, reporting to their company management. If they identified a cyber attack of national importance, they would report it through military channels. To whom is their first duty? ... A military officer's duty is to their country. But this is not that different to IT professionals, who have a first duty to the community, which overrides that to their employer. What information, if any, flows back to the host organisations? Security personnel in organizations would be reporting on external cyber attacks on the organization. The idea is to protect the host organization, while also protecting the country generally. What protections against abuse will be offered? The same protection which applies to the actions of any member of the military, plus the strong personal links reserve personnel have to their civilian workplace colleagues. -- Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150 The Higher Education Whisperer http://blog.highereducationwhisperer.com/ PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au Liability limited by a scheme approved under Professional Standards Legislation Adjunct Senior Lecturer, Research School of Computer Science, Australian National University http://cs.anu.edu.au/courses/COMP7310/ ___ Link mailing list Link@mailman.anu.edu.au http://mailman.anu.edu.au/mailman/listinfo/link
Re: [LINK] Australian CyberWarfare Battalion
On Thu, 2013-08-08 at 10:26 +1000, Tom Worthington wrote: Yes, that is the idea. Rather than having a few anonymous people in a remote government building who you hope are protecting your interests, these would be work colleagues you see every day. That is literally the only good thing about your proposal - that at least these people would be identified, so they could be kept away from anything important. I'm assuming that host organisations would also have the right to refuse to employ such people? That such people would be obliged to reveal their affiliation with the military when applying for jobs? What would happen re discrimination laws if a company refused to hire someone *because* they were a cyber-reservist? The reserve military personnel would doing their day job most of the time, reporting to their company management. If they identified a cyber attack of national importance, they would report it through military channels. That wasn't my question. I was asking whether they would also tell their host organisation, and who they would tell first. What protections against abuse will be offered? The same protection which applies to the actions of any member of the military, plus the strong personal links reserve personnel have to their civilian workplace colleagues. Not abuse OF the spy, I meant abuse BY the spy. Incorrect information about the host reaching the military, inappropriate access to corporate information, failure to report issues to the host organisation, industrial espionage via their ready-made covert channel etc. Or to coin a phase, who will watch these watchers? All of these things can be done by ordinary employees, of course; the difference is that these people may be protected by their military function, leaving the host organisation harmed and without recourse. Hence my question. Regards, K. -- ~~~ Karl Auer (ka...@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 ___ Link mailing list Link@mailman.anu.edu.au http://mailman.anu.edu.au/mailman/listinfo/link
Re: [LINK] Australian CyberWarfare Battalion
On Mon, Aug 5, 2013 at 3:08 AM, Glen Turner g...@gdt.id.au wrote: As for computer security professionals, I wouldn't let most of them near an item of infrastructure. +1 I will print this and hang it on the wall. :)) FC ___ Link mailing list Link@mailman.anu.edu.au http://mailman.anu.edu.au/mailman/listinfo/link