Re: [ga] Net security's a losing battle

[Dan Steinberg <synthesis@videotron.ca>]

Hi Roberto,

I too have a comment.

I have no argument with the concepts. I just think the ICANN board meeting is
simply an inappropriate forum to discuss the issues.  I would think IETF risks
being a waaaaaaay better place. The net has existed for years with its 'dirty
little secrets' surving on the basis that those with sufficient knowledge could
do damage in one way or another (like kashpuref did) but chose not to out of
some form or reverence or spirit of cooperation. There are things that are
simply not talked about.  Even when Ira Magaziner (Anyone remember him?) was
briefed on a few of the nasties, did anything change? Nope it was business as
usual at DoC.  Was any mention of the issues included in the bidding process
that ended up with ICANN awarded a contract? Nope.  Its not in their terms of
reference. Nor, when you think of it, should it be. In fact, some of these
things...you start discussing them in open at a meeting...its just like printing
out inflammatory leaflets.


Roberto Gaetano wrote:

> Hi.
>
> I concur with Sandy's post, but would also add a comment.
>
> The most spectacular effect that the terrorist attack has created is the
> collapse of the Twin Towers, and the most sad effect are the thousands of
> casualties, but there is another effect that has not to be underestimated:
> the critical situation in which the western economy has been put. I speak
> about the impact on airline industry, the burden on insurance companies, the
> drop in the stock market, and other things that will impact us for the years
> to come (higher insurance premia, higher cost of travel, longer boarding
> times, etc.).
>
> The terrorists of the new millennium might well concentrate on these kind of
> damages, that are less likely to create horror for their acts, and therefore
> less likely to create a consensus front against them.
> Our Net has been built and is being operated in a way that will survive well
> nuclear attacks, but less well electronic sabotage.
> Somebody has asked in this forum what would have happened if a root server
> would have been located in lower Manhattan (or, for this purpose, even in
> the Twin Towers). The answer is, IMHO, "Nothing, the other 12 would have
> been more than sufficient". In fact, the Net would have suffered under
> (physical) attack to half a dozen of roots at the same time much less than
> what it suffered under Kashpureff's electronic attack few years ago.
>
> I do believe that it is a responsible answer from ICANN to address these
> issues before the terrorists find out how they can attack the DNS and
> jeopardize its functioning, creating billions of damage to the western
> economy. The big problem is, IMHO, that a lot of people see the DNS as a
> milk cow, and are very little motivated to deploy secure procedures (more
> costly and requiring higher expertise) if they see this as a risk for their
> profits. Therefore the only way to progress on this is to include security
> requirements in the contracts ICANN has with the different parties
> (Registries and accredited Registrars).
>
> I am saddened by the delay that this may have on other issues, on which I am
> contributing and I would see progressing (like the AtLarge), but I am also
> looking forward to see an open debate on security, as a vital subject for
> the survival of the Net as we know it today.
>
> Regards
> Roberto
> (Sandy's excellent post cut for bandwidth)
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

--
Dan Steinberg

SYNTHESIS:Law & Technology
35, du Ravin  phone: (613) 794-5356
Chelsea, Quebec  fax:   (819) 827-4398
J9B 1N1                 e-mail:synthesis@videotron.ca


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html