Re: [LINK] Australian CyberWarfare Battalion

2013-08-07 Thread Tom Worthington
On 06/08/13 09:49, Karl Auer wrote:

 You are seriously proposing inserting paramilitary Government spies
 into civilian enterprises ...  I suppose it would at least be in the open. ...

Yes, that is the idea. Rather than having a few anonymous people in a 
remote government building who you hope are protecting your interests, 
these would be work colleagues you see every day.

 Do these people report to HQ first, or to their host organisation
 first? ...

The reserve military personnel would doing their day job most of the 
time, reporting to their company management. If they identified a cyber 
attack of national importance, they would report it through military 
channels.

 To whom is their first duty? ...

A military officer's duty is to their country. But this is not that
different to IT professionals, who have a first duty to the community, 
which overrides that to their employer.

 What information, if any, flows back to the host organisations?

Security personnel in organizations would be reporting on external cyber 
attacks on the organization. The idea is to protect the host
organization, while also protecting the country generally.

 What protections against abuse will be offered?

The same protection which applies to the actions of any member of the
military, plus the strong personal links reserve personnel have to their 
civilian workplace colleagues.


-- 
Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150
The Higher Education Whisperer http://blog.highereducationwhisperer.com/
PO Box 13, Belconnen ACT 2617, Australia  http://www.tomw.net.au
Liability limited by a scheme approved under Professional Standards
Legislation

Adjunct Senior Lecturer, Research School of Computer Science,
Australian National University http://cs.anu.edu.au/courses/COMP7310/
___
Link mailing list
Link@mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link


Re: [LINK] Australian CyberWarfare Battalion

2013-08-07 Thread Karl Auer
On Thu, 2013-08-08 at 10:26 +1000, Tom Worthington wrote:
 Yes, that is the idea. Rather than having a few anonymous people in a 
 remote government building who you hope are protecting your interests, 
 these would be work colleagues you see every day.

That is literally the only good thing about your proposal - that at
least these people would be identified, so they could be kept away from
anything important. I'm assuming that host organisations would also have
the right to refuse to employ such people? That such people would be
obliged to reveal their affiliation with the military when applying for
jobs? What would happen re discrimination laws if a company refused to
hire someone *because* they were a cyber-reservist?

 The reserve military personnel would doing their day job most of the 
 time, reporting to their company management. If they identified a cyber 
 attack of national importance, they would report it through military 
 channels.

That wasn't my question. I was asking whether they would also tell their
host organisation, and who they would tell first.

  What protections against abuse will be offered?
 
 The same protection which applies to the actions of any member of the
 military, plus the strong personal links reserve personnel have to their 
 civilian workplace colleagues.

Not abuse OF the spy, I meant abuse BY the spy. Incorrect information
about the host reaching the military, inappropriate access to corporate
information, failure to report issues to the host organisation,
industrial espionage via their ready-made covert channel etc. Or to coin
a phase, who will watch these watchers?

All of these things can be done by ordinary employees, of course; the
difference is that these people may be protected by their military
function, leaving the host organisation harmed and without recourse.
Hence my question.

Regards, K.

-- 
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017

___
Link mailing list
Link@mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link


Re: [LINK] Australian CyberWarfare Battalion

2013-08-05 Thread Fernando Cassia
On Mon, Aug 5, 2013 at 3:08 AM, Glen Turner g...@gdt.id.au wrote:
 As for computer security professionals, I wouldn't let most of them near an 
 item of infrastructure.

+1

I will print this and hang it on the wall.

:))

FC
___
Link mailing list
Link@mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link