Stavolta ho letto subito la newsletter di Bruce Schneier, e ho notato che ha commentato praticamente allo stesso modo una notizia che avevo riportato qualche giorno fa.
Si tratta delle (dis)avventure del ricercatore Matt Blaze che è stato attaccato per aver rivelato una vulnerabilità in una certa classe di serrature. Schneier poi che è bravo ha collegato il discorso a Slammer e alle iniziative antiterrorismo del governo americano:
Attorney General Ashcroft is working to keep details of many antiterrorism countermeasures secret so as not to educate the terrorists. But at the same time, the people -- to whom he is ultimately accountable -- would not be allowed to evaluate the countermeasures, or comment on their efficacy. Security couldn't improve because there'd be no public debate or public education. Whatever attacks and defenses people learn would become folklore, never spoken about in the open but whispered from security engineer to security engineer and from terrorist to terrorist. And maybe in 100 years someone will publish an attack that some security engineers knew about, that terrorists and criminals had been exploiting for much of that time, but that the general public had been blissfully unaware of.
2:24:29 PM
|