North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: If you thought Y2K was bad, wait until cyber-security hits

  • From: Larry J. Blunk
  • Date: Fri Jul 19 11:24:03 2002


> 
> 
> http://www.eweek.com/article2/0,3959,387377,00.asp
> 
> "All the while maintaining that the government will not set IT security
> requirements for the private sector, top federal IT officials today said
> they expect such mandates will be imposed on federal agencies and that the
> same standards will also be used by industry."
> 
> While standards are great, one-size-fits-all standards aren't. When the
> government's cyber-security plan is released in September, will
> there be 500 requirements that Internet Service Providers must meet?
> Should ISPs be more secure than the post office or the telephone or the
> bike messenger?  Must Bill's Bait & Sushi Shop ISP Service meet the same
> security requirements as the ISP for the White House?
> 
> ISPs come in all sorts of shapes and sizes.  Consumers use cordless
> phones at home, but the NSA prohibits use of cordless phones in secure
> areas. Just because the government issues a security standard doesn't make
> it suitable for all purposes.  Some people like paying $9.95 for Internet
> service from an ISP without a backup generator, and wouldn't want to pay
> $29.95 for a "certified" ISP with a backup generator.  If the $9.95 ISP
> fails, heck they could almost afford two more for the same price as a
> single "certified" ISP.  Sometimes a hammer is just a hammer, and you
> don't need a MIL-SPEC.  If the Department of Homeland Security creates a
> new security standard for ISPs, what do you think will happen to  any ISP
> which doesn't meet it?


   Backup generators?  That's far too mundane.  Check out this quote from
Howard Schmidt in http://www.supercomputingonline.com/article.php?sid=2269

  "The routing tables of the future will be unmanageable; there will
  slowdown and failures, and malicious and criminal activity between
  2002 and 2009 all mean the Internet quits working," warned Schmidt.
  He even forecast a future in which "special aircraft will be flying
  the routing tables" physically to servers after periodic network brownouts.


  Perhap ISP's can differentiate themselves by whether their required
"special aircraft" are super-sonic or sub-sonic.   Do we need an update
for RFC1149  (BGP over F-16's?).