North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: The Backhoe: A Real Cyberthreat?
Jim Popovitch <[email protected]> writes: > Jerry Pasker wrote: >> The point is: What's more damaging? Being open with the maps to >> EVERYONE can see where the problem areas are so they can design >> around them? (or chose not to) or pulling the maps, and reports, and >> sticking our heads in the sand, and hoping that security through >> obscurity works. > > Let's look at this from another point of view: Should we remove all > keylocks from backhoes so that everyone can have access to them? :-) This analogy is faulty, but illuminating insofar as it illustrates the fallacy of putting up low bars to access that don't actually stop people who're willing to put a little bit of effort into beating it. Keylocks only work when your threat model is drunk fratboys or bored teenagers (which is not necessary a disjoint set). They aren't a significant part of the threat model for intentional fiber cuts. Any John Deere dealer will be able to supply you with a key that operates the vast majority of John Deere equipment of a certain type. Anyone who can plan ahead enough to order from eBay is in like Flynn. http://cgi.ebay.com/12-JD-Keys-3-John-Deere-Equipment-Key-Sets-NEW_W0QQitemZ7581349645QQcategoryZ41507QQrdZ1QQcmdZViewItem > I'm all for openness, but sometimes some things only need to be accessed > and used by the professionals that need those things. I fully trust > that the big network operators, the ones that really really do need > this data, have all the info they need to plan their network > expansions, etc. I don't need to see this data, even though I might > want to. Then don't look at it. :) ---Rob
|