FC: "Department of Homeland Security" vs. Full Disclosure?

From: Declan McCullagh (declanat_private)
Date: Tue Mar 04 2003 - 19:32:31 PST

Next message: Declan McCullagh: "FC: Rich Kulawiec on Apple, MS, Adobe, HP, Intel oppose fixing DMCA"

Previous message: Declan McCullagh: "FC: Apple, Microsoft, Adobe, HP, Intel oppose bill fixing DMCA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----- Forwarded message from Ryan Lackey <ryanat_private> -----

From: Ryan Lackey <ryanat_private>
Subject: "Department of Homeland Security" vs. Full Disclosure?
To: cypherpunks
Date: Tue, 4 Mar 2003 19:56:49 +0000
User-Agent: Mutt/1.5.3i

It appears the DHS is taking responsibility for putting pressure on
those who discover security flaws to keep them quiet until they see
fit to release.  Hopefully in the future those who
discover security flaws will take advantage of the remailer network
and cryptographic signatures to post their findings immediately,
rather than reporting them to the government for processing and delay.

Otherwise, given the government's excellent track record in securing
information, DHS will become the premier location for getting
knowledge of "secret" vulnerabilities.  Plus, is it really a
great stretch to imagine the government will use tit for tat to keep
some vulnerabilities from ever being made public, for their own purposes?
(to have a government-only backdoor, if the vulnerability is
sufficiently well hidden, or to use as leverage with vendors to add
other features for the government, like "this will shame you in the
marketplace, but we can just keep it quiet if you'll play ball with us
on DRM or anti-anonymity in your future products..."

One would think anyone in the "security industry" would be
sufficiently paranoid to not trust the government with this
responsibility.

[http://news.com.com/2100-1009-990879.html?tag=fd_top]
-- 
Ryan Lackey [RL960-RIPE AS24812]   ryanat_private   +1 202 258 9251
OpenPGP DH 4096: B8B8 3D95 F940 9760 C64B   DE90 07AD BE07 D2E0 301F

----- End forwarded message -----

-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------

Next message: Declan McCullagh: "FC: Rich Kulawiec on Apple, MS, Adobe, HP, Intel oppose fixing DMCA"
Previous message: Declan McCullagh: "FC: Apple, Microsoft, Adobe, HP, Intel oppose bill fixing DMCA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Mar 04 2003 - 19:29:33 PST