http://www.infowarrior.org/articles/2001-03.html CERT: The Next Generation The Demise of the Internet's Last Objective and "Trusted" Organization Richard Forno <rfornoat_private> Article 2001-03 (c) 2001. All rights reserved. 21 April 2001 The Morris Worm incident of 1988 paralyzed the Internet during its days as a purely academic and research system of systems uncluttered by banner ads, instant messaging, Flash animations, and e-commerce. As a result of this first major security issue on the fledgling global network, the Department of Defense looked to establish a security capability to research and advise the network community on emerging security threats, trends, and vulnerabilities. In 1988, the task was assigned to the Carnegie-Mellon University's Software Engineering Institute, one of the Pentagon's Federally-Funded Research and Development Centers (FFRDC). From this task CERT/CC was born. (FFRDCs are government research centers that receive federal money (taxpayer money) to support its research activities.) Once the CERT/CC was established, it became the self-declared central authority on all Internet security issues. As a result, government, the media, and IT community thus accepted the CERT/CC as the Vatican of Vulnerabilities whose imprimatur (approval) of a vulnerability by generating an advisory confirmed the issue's legitimacy in the eyes of the IT community. For small businesses without dedicated security staffs, CERT advisories are often the only security information they had access to. However, recent announcements by the CERT/CC regarding its venture into the commercial services market raise some questions that this article will address, including how effective this new organization will be, and evaluating the legitimacy, allegiance, and effectiveness of the CERT/CC now that it is in the commercial arena instead of an academic mode supported by federal funds from the American taxpayers. [...] ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Wed Apr 25 2001 - 01:11:18 PDT