"John A. Murphy" says:
> The major problem I see with giving "authorized" people the insights to
> vulnerabilities is there are a number of people wearing 2 hats. Valid
> admin's working for a company, while at the same time trying to (personally
> or professionally) break into a competitor.
> Corporate espionage would come down to a race condition.
> CERT sends out a warning.
> Sysadmin at a site in NYC gets the warning at 8:00am EST.
> He gets the specifics, and then turns around and breaks
> into his competitors site on the west coast before they've
> even had breakfast.
And if he keeps this up, he ends up in federal prison.
Do you have any idea what the penalties are, just as one example, for
deliberately altering and/or intercepting financial wire transactions?
Yes, its entirely possible that the security officers at fortune 500
companies are crooks. Its also possible, of course, that CERT is a
bunch of crooks and keeps the information to themselves so they can
break into people's companies. There are many fantasies you can have.
Assuming that no one at all is trustworthy, then why bother even
having a CERT?
My problem is that I just spent the whole goddamn weekend installing
sendmail 8.6.2 all over the place, and I have still have not even the
slightest idea as to whether I did the least bit of good.