On Mar 19, 2010, at 9:56 AM, bmann...@vacation.karoshi.com wrote: > On Fri, Mar 19, 2010 at 08:44:29AM -0500, William Pitcock wrote: >> On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote: >>> An ongoing area of work is to build better closed, >>> trusted communities without leaks. >> >> Have you ever considered that public transparency might not be a bad >> thing? This seems to be the plight of many security people, that they >> have to be 100% secretive in everything they do, which is total >> bullshit. > > I thnk I'd settle for operators with Integrity. those who do what > they say.
If we had that, no secrecy would be needed. But anyone who thinks publishing everything we learn about the miscreants is a Good Idea, has never tried to take out a botnet or snow-shoe spammer or .... Secrecy sucks. If you think those keeping secrets enjoy it[*], you just haven't been bored to tears by working one of these issues. Seriously, most of the work is mind numbingly horrible, and I have nothing but the utmost respect for people who do it on a regular basis. (In case it is not clear, I do not have to do it often, and for that I think whatever ghods there may be.) Put another way: Do not dis those that make the Internet safer for you. They spend time, effort, and money - frequently their own - and risk much more (ever been sued by a spammer?). In return, they often get nothing. Before you question (and to be clear, I am not saying you should not question), offer to help and see things from their side. -- TTFN, patrick [*] I'm sure there are a few who get off on the thrill. But that's the exception, not the rule.
