Re: [ISN] Linux snares security tool

From: InfoSec News (isnat_private)
Date: Mon Nov 12 2001 - 23:38:06 PST

  • Next message: InfoSec News: "[ISN] Linux Security Week - November 12 2001"

    Forwarded from: Russell Coker <russellat_private>
    Cc: ericat_private
    On Mon, 12 Nov 2001 10:42, you wrote:
    > I have not in any way done any in-depth study of SNARE, since I am not
    > its target market, but from reading a brief description, SNARE appears
    > to be a useful tool, in that it apparently adds a user-friendly
    There was recently a posting on the NSA SE-Linux list about it which
    indicates that it also involves kernel hooks to log file access, which
    most IDS type software doesn't do.  This indicates to me that it may
    have some value, however none of the marketting blurb mentioned that.
    > > Oh, any insipid legal threats from Nicole Bellamy will be published
    > > along with this errata. Since that seems to be her trend based on
    > > talking to others. (For the ISN crowd: she has threatened to sick her
    > > pet lawyers on someone who works in the open source community for
    > > telling her this article was full of shit.)
    > That sort of behavior is EXTREMELY unprofessional. You do not
    > threaten to sue potential sources for future stories. And if
    > someone offers you information, you accept it with a polite "thank
    > you for your comments", even if the offer is in a rather, err,
    > rude, manner. Frankly, I knew better than that when I was a 19
    > year old kid writing a computer club newsletter column.
    When you have a disagreement with a professional journalist they will
    politely debate the issue (even if you start by flaming them) and then
    move on to "thanks for your comments" as the response to all your
    messages if they decide there is no possibility of reaching an
    Slightly less professional journalists will silently add you to their
    email kill file.
    Moderately unprofessional journalists engage in public flame wars.
    The true hacks will resort to legal threats.
    > I've had my own run-ins with journalists in the past when I felt I
    > was misquoted or that they misconstrued something about Linux, but
    > at worst we agreed to disagree. I cannot imagine any situation
    > where threatening to sue a critic is productive behavior for a
    > journalist. After all, journalists have resort to the ultimate
    > court: the court of public opinion, in which they have the
    > capability of "stacking the deck" so to speak via the power of the
    > pen.
    Yes.  If nothing else we are capable of anonymously criticising
    journalists and getting wide coverage.  Sorting things out privately
    is the best thing for the journalist, sorting them out publically
    where the journalist gets to respond to all allegations is the next
    best thing for the journalist.
    Having people like us send each other private email (which gets
    forwarded and re-forwarded) because of a fear of being sued is the
    worst thing for the journalist.
    > Do note, however, that Australia has very anti-free-speech libel
    > laws. Basically, if you say anything critical of a person in
    > Australia, you must be able to prove what you say beyond
    > reasonable doubt. This is of course the total opposite of the
    > United States, where the person suing for libel has the burden of
    > proof, thus allowing greater freedom of speech. However, I have no
    > intention to go anywhere near Australia (and in fact I suspect
    > they would deny me a visa, due to my public criticisms of Aussie
    > PM John Howard's bigotry and poor treatment of non-whites), so I
    > don't care what Aussie law says.
    This wouldn't stop you getting an Australian visa.  Many Australian
    citizens criticise the PM for those reasons (and many more).  There is
    no punishment for such things.  The government really doesn't care
    what anyone thinks, and you wouldn't be punished even if they did.
    But as for the issue of being sued in Australia (or the UK which is
    very similar for libel laws) and getting away with it by not visiting
    the country, this is not guaranteed.  There are various measures in
    place to try and enforce such rulings world-wide (which are being led
    by the US).  As part of the push to get US rulings enforced in other
    countries to protect the economic interests of US corporations we can
    expect that they will try and push through treaties to make a civil
    judgement in one court be automatically applied in other countries.
    Currently in the US all sorts of stupid laws are being passed.  In
    Australia almost anything which is requested by the US government will
    be done.  I could imagine a situation where any corporation in the US
    or Australia could sue any individual in the other country and get the
    money out of them.
    --     Bonnie++ hard drive benchmark       Postal SMTP/POP benchmark Projects I am working on     My home page
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 02:21:19 PST