From: shamrock@netcom.com (Lucky Green)
Date: Sat, 20 Jul 1996 20:07:27 +0800
To: David Sternlight <cypherpunks@toad.com
Subject: Re: Gorelick testifies before Senate, unveils new executive order
Message-ID: <v02120d08ae159250ae12@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:04 7/18/96, David Sternlight wrote:

>Serious studies have shown that the kinds of protections to make the
>systems we depend on robust against determined and malicious attackers (say
>a terrorist government, or one bent on doing a lot of damage in retaliation
>for one of our policies they don't like), have costs beyond the capability
>of individual private sector actors. Your friendly neighborhood ISP, for
>instance, probably can't affort the iron belt and steel suspenders needed
>to make his system and its connectivity sabotage-proof, and so on. Even
>cheap but clever solutions involving encryption in such systems require
>standards and common practices across many institutions.

However, the neighorhood IPS doesn't need the kind of defenses required for
the powergrid and other crucial systems. The systems that do require such
heightend security are typically run by parties that can afford such
security. If they choose not to implement them, then it stands to reason
that their threat evaluation does not deem it necessary. Let market forces
govern, lest we spend money on countermeasures for inflated threats.



-- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred.
   Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
   Vote Harry Browne for President.