[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject

To: [email protected]
From: [email protected] (Steve Schear)
Date: Sun, 27 Oct 1996 19:08:11 -0800
Sender: [email protected]
I came across some interesting passages in the RAND Corp. study, An
Exploration of Cyberspace Security R&D Investment Strategies for DARPA:
"The Day After ... in Cyberspace II", MR-797-DARPA.

http://www.rand.org/publications/MR/MR797

The report describes the results of an exercise sponsored by the Defense
Advanced Research Projects Agency (DARPA) using the RAND "The Day After..."
methodology to elicit the views of participants on research and investment
strategies addressing the security and safety of systems and networks
supporting various U.S. physical and functional infrastructures. The
exercise was held on March 23, 1996 in Washington D.C., and involved
approximately 60 participants from government, universities, and commercial
industries involved with the U.S. information infrastructure.

Has this report been discussed on the list?

----------------
Is it possible to "sterilize" data passing through our telecommunications
systems?

Billions of bits of data pass through our national information
infrastructure each second. Some of those bits represent information about
individual citizens' login and password combinations, social security and
credit card numbers, account information, health status, and innumerable
other sensitive information items. Our nation has superb communications
monitoring tools, housed primarily in the National Security Agency.
However, the NSA is precluded by law from collecting information about U.S.
citizens. When incidents of "information warfare" are being waged against
U.S. systems, could key data flows be "sterilized" or "sanitized" by
computer hardware and/or software in such a manner that the NSA could help
monitor and track perpetrators in cyberspace without violating these laws?
This topic was raised during exercise discussions. We have not studied all
the relevant laws and regulations to assess whether such sterilization
measures would allow the power of NSA's analyses to be brought to bear on
telecommunications involving U.S. citizens, but perhaps the topic merits
further investigation. If so, what kinds of pattern detection and
replacement algorithms would suffice to accomplish this goal?


Sponsor development of an aircraft-like "black box" recording device

When a cyberspace security incident happens, it is often not detected in
real time, and the trail back to the perpetrator becomes lost. Could a
"black box" recording device be developed, to be attached to key nodes or
links of cyberspace systems, that would record every transaction passing
through that node or link during the last n minutes (where n=5 or 10, for
example)? If so, that record would be invaluable in tracing the source of
incidents, whether they are accidental or deliberately perpetrated.
Thousands of such systems would be required to cover key links or nodes;
could they be made robust, inexpensive, and ultra-reliable?


PGP Fingerprint: FE 90 1A 95 9D EA 8D 61  81 2E CC A9 A4 4A FB A9
---------------------------------------------------------------------
Snoop Daty Data           | Internet: [email protected]
Grinder                   |
Sacred Cow Meat Co.       |
---------------------------------------------------------------------

                          Hacker Opportunities
                          (Let's Make Lots Of Money)

I've got the brains, you've got the tricks
Let's make lots of money
You've got the code, I've got the hacks
Let's make lots of ...

I've had enough of scheming and messing `round with jerks
My crypto code's compiled, I'm afraid it doesn't work
I'm looking for a partner, someone who gets things fixed
Ask yourself this question: do you want to be rich?

I've got the brains, you've got the tricks
Let's make lots of money
You've got the code, I've got the hacks
Let's make lots of money

You can tell I'm educated, I studied at CalTech
Doctored in mathematics, I could've been set
I can program a computer, choose the perfect time
If you've got the inclination, I have got the crime

Ooooh, there's a lot of opportunities
If you know when to take them, you know
There's a lot of opportunities
If there aren't, you can make them (Make or break them)

I've got the brains, you've got the tricks
Let's make lots of money
Let's make lots of ...

You can see I'm single-minded, I know what I could be
How do you feel about it? Come, take a walk with me
I'm looking for a partner regardless of expense
Think about it seriously, you know it makes sense

Let's (Got the brains)
Make (Got the tricks)
Let's make lots of money (Money)
Let's (You've got the code)
Make (I've got the hacks)
Let's make lots of money (Money)
I've got the brains (Got the brains)
You've got the code (Got the hacks)
Let's make lots of money (Money)
Money!
Follow-Ups:
- Naive RAND study...
  - From: "Timothy C. May" <[email protected]>
Prev by Date: Hey! Dr. Vuilis!
Next by Date: Re: considering internet/privacy periodical
Prev by thread: Re: your mail
Next by thread: Naive RAND study...
Index(es):
- Date
- Thread