[ISN] Stephen Northcutt needs your help

From: InfoSec News (isn@private)
Date: Fri Jun 25 2004 - 06:06:17 PDT

  • Next message: InfoSec News: "RE: [ISN] LayerOne Hacking Exposed"

    Forwarded from: Stephen Northcutt <stephen@private>
    
    Hello,
    
    This note is intended for U.S. citizens and is a personal note from
    Stephen Northcutt.  For the past few weeks CERT and SEI, DoD
    government funded organizations, have been purchasing google adwords
    so that when people search for "SANS Training" they see an
    advertisement for CERT/SEI's network manager course.
    
    I have a couple of concerns about this.  The first is trademark or
    brand related, when you search for SANS training, you should get SANS
    training.  Other competing commercial training companies have also
    engaged in this behavior and when I have written them and asked if
    this how they want to be remembered by the security community, they
    have discontinued this practice.  I wrote cert@private a couple weeks
    ago and they continue this practice.
    
    My second concern is that the government offering the course violates
    the spirit and letter of OMB A 76. "Two of the key principles of
    Circular A-76 has always been that "in the process of governing, the
    Government should not compete with its citizens" and that "a
    commercial activity is not a governmental function."
    http://www.whitehouse.gov/omb/circulars/a076/comments/a76-289.pdf The
    course:
    http://www.sei.cmu.edu/products/courses/cert/infosec-net-mgrs.html The
    funding: http://www.sei.cmu.edu/about/about.html
    http://www.cert.org/faq/cert_faq.html#A4
    
    My third concern is the amount of tax we pay as citizens.  The
    government is in the process of authorizing about 481 billion dollars
    for DoD spending.  The Department of Defense clearly has too much
    money if they can afford to create training that mirrors material
    widely available from SANS, MISTI, CSI, Intense School and other
    training organizations.  I believe the money spent on CERT, SEI and
    the Office of the Under Secretary of Defense for Acquisition,
    Technology, and Logistics should each be reduced by at least 10%
    immediately.
    
    So I am asking for your help.  If you agree with me please write your
    congress person and either use this note as a base or write your own.
    I would be honored if you would copy me, Stephen@private  If you
    don't agree with me, or don't want to help me, that is fine, but
    before you send me a knee jerk email flame would you do three things.  
    Look at your last paycheck stub and remind yourself how much tax you
    pay, second, consider the impact of the U.S. deficit
    (http://www.brillig.com/debt_clock/ ) and finally think about how you
    would feel if the government decided to compete in a disreputable
    manner with a course that took you months to write, SANS Security
    Leadership. After that, if you disagree with me, I would love to hear
    what you have to say.  So please help me and write your congressman
    and tell them your home address, make sure they know you vote and you
    agree that the government has no business wasting taxpayer money
    competing with a course Stephen Northcutt does a better job of anyway.
    
    To find your representative:
    http://www.house.gov/writerep/
    
    To find your congressional representative, the best link I could find is:
    http://www.senate.gov/
    
    Thank you for taking the time to help!  Needless to say, I write this
    note as a private citizen and the author of SANS Security Leadership
    and am certain this note does not reflect the collective views and
    opinions of The SANS Institute.
    
    Stephen Northcutt
    Stephen@private
    (808) 823-1375
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie!
    (Broke? Spend 15 minutes a day on the project!)
    



    This archive was generated by hypermail 2b30 : Fri Jun 25 2004 - 07:35:05 PDT