[107320] in Cypherpunks
HERT - Hacker Emergency Response Team
daemon@ATHENA.MIT.EDU (Ken Williams)
Sun Jan 10 20:16:16 1999
Date: Sun, 10 Jan 1999 19:53:35 -0500 (EST)
From: Ken Williams <jkwilli2@unity.ncsu.edu>
To: cypherpunks@toad.com, jericho@dimensional.com
Reply-To: Ken Williams <jkwilli2@unity.ncsu.edu>
-----BEGIN PGP SIGNED MESSAGE-----
Thought you might find this interesting/humorous...
HERT - Hacker Emergency Response Team
http://www.hert.org/
from their web site...
- ----------
What is HERT?
HERT stands for Hacker Emergency Response Team and is an international
non-profit organization based in France.
Exactly like CERT [link: http://www.cert.org/], our US counterpart, our
first goal is to provide accurate information about computer security
vulnerabilities, provide incident response services to sites that have
been the victims of attacks, publish security alerts and find new
vulnerabilities.
Our next goal is to represent concerned computer users and organizations
as an advocacy league. Jean-Pierre Millet & David Nataf Law Office
[link: mailto: attorney@hert.org], one of HERT's founder, skillfull
attorneys specialized in computer security issues, will coordinate
HERT's effort on this matter.
Why HERT is a better alternative to CERT?
National Computer Security Center, a sub-branch of the National Security
Agency [link: http://www.fas.org/irp/nsa/index.html] initiated the
creation of the Computer Emergency Response Team and was funded by the
Defense Advanced Research Agency (DARPA) [link: http://www.arpa.mil/].
A majority of people think CERT is doing a brilliant job, but when you
examine CERT more closely, one could believe CERT is a bit corrupted.
Just take a look at the CERT statistics
[link: http://www.cert.org/stats/cert_stats.html], since 1995, for 1027
vulnerabilities reported, they have published only 55 advisories
bulletins. Is this a joke, did they count duplicate vulnerability
reports? Was there 1000 cert initiated vendor advisories?
- From an organization directed by US Military Intelligence, you must
assume the worst especially when they brag about their Information
Superiority.
We decided to create HERT, when system administrators of highly
sensitive US networks informed us that they were supplied with official
vendor patches months before public announcement were made by vendors,
CERT or full-disclosure mailing lists like Bugtraq
[link: http://www.geek-girl.com/bugtraq/].
Mail regarding the web site should be addressed to webmaster@hert.org.
*www.hert.org was opened on January 5th 1999 and it isn't finalized yet.
- ----------
Too bad they are actually serious about this, because I laughed so hard
it HERTs.
Regards,
Ken Williams
Packet Storm Security http://www.genocide2600.com/~tattooman/
Trinux: Linux Security Toolkit http://www.trinux.org/ ftp.trinux.org
PGP DH/DSS/RSA Keys http://www4.ncsu.edu/~jkwilli2/pgpkey/
NCSU Computer Science http://www.csc.ncsu.edu/
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQEVAwUBNplLgpDw1ZsNz1IXAQFgJQgAlQB7CycPXtZBp4pWJyY2Kz/RhDY7E2vM
Pd7Q9PFF7fjP58WjVR5vf5tcVjmM/RX6nGeVP2vVtwBMHVteJnLKJPDZgHzkYHVJ
k1br08+/yb3II4/6fxcSrQreUerkCKEVyTWrtk07e0ytqiTg91qt/TpKB/kSgqhp
Mbb8Kfk8MLNOKF2yDCvKwRgkoUW37OtCIdy2RK4PeCb2WKka1P+f7F4n/abCYCmV
A/PMQwtWiVWlgAAAgfp7otma61Jzsw21Hnyc6W53/cXtrP/jz8yVb5xm3MqEeu6i
acJXHhPYNmTvuHWs3r+fq+O7bjY1VtWw7VjImYEjglfdjXzGxAL+FA==
=ypWo
-----END PGP SIGNATURE-----
