[122159] in North American Network Operators' Group
Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Feb 8 13:37:53 2010
To: "andrew.wallace" <andrew.wallace@rocketmail.com>
In-Reply-To: Your message of "Thu, 04 Feb 2010 15:04:22 PST."
<173586.49796.qm@web59608.mail.ac4.yahoo.com>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 08 Feb 2010 13:37:26 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1265654246_5191P
Content-Type: text/plain; charset=us-ascii
On Thu, 04 Feb 2010 15:04:22 PST, "andrew.wallace" said:
> On Thu, Feb 4, 2010 at 8:19 PM, Gadi Evron <ge@linuxbox.org> wrote:
> > "That peer-review is the basic purpose of my Blackhat talk and the
> > associated paper. I plan to review Cisco’s architecture for lawful intercept
> Gadi Evron has absolutely no connection to this research whatsoever.
For the benefit of those who just fell out of a tree - anytime a conference
paper abstract says "review", it's pretty certain that the presentation won't
be cutting 0-day technical stuff, but a *review* of stuff that half of us
already know, for the benefit of getting the other half up to speed.
Also - note that the skillset needed to be a cutting-edge researcher is *very*
different from the one needed to actually present a good review talk and have
the information retained by the audience. (I've done overview presentations.
It's definitely not easy to make the points "You should be doing X, Y, and Z,
and here's why you should invest the time and effort to do so").
> He is famous in the security community for piggybacking off other peoples
> research.
You apparently fail to understand that making other people's research well
known in the community is an important role. Would we be more secure, or
less secure, if somebody did the research, but then nobody told the owners
of all that Cisco gear about it? (Hint: "pwned router" is never a good
day for the network provider)
Or would we as a community be more safe, or less safe, if <trollbait> SANS
didn't do security traning courses </trollbait>?
> Andrew
> Security consultant
Is that what you're calling yourself these days?
--==_Exmh_1265654246_5191P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFLcFnmcC3lWbTT17ARAhAQAJ9unaxuEUGv8U3jrKyliTVSA79oiwCgw1zE
RmVoykOjerg2dkyzOIcABfY=
=XLsn
-----END PGP SIGNATURE-----
--==_Exmh_1265654246_5191P--
