nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Update to BCP-38?

From: William Herrin <bill () herrin us>
Date: Fri, 4 Oct 2019 15:05:29 -0700
On Thu, Oct 3, 2019 at 2:28 PM Keith Medcalf <kmedcalf () dessus com> wrote


On Thursday, 3 October, 2019 11:50, Fred Baker <fredbaker.ietf () gmail com>
wrote:

A security geek would be all over me - "too many clues!".


Anyone who says something like that is not a "security geek".  They are a
"security poser", interested primarily in "security by obscurity" and
"security theatre", and have no clue what they are talking about.



Keith,

It's called "operations security" or "OPSEC." The idea is that from lots of
pieces of insignificant information, an adversary can derive or infer more
important information you'd like to deny to him. There's a 5-step process
used by the U.S. Military but the TL;DR version is: if you don't have to
reveal something, don't.

IMO, anyone who thinks the folks who developed OPSEC don't have a clue is
the one I find wanting.

Regards,
Bill Herrin


-- 
William Herrin
bill () herrin us
https://bill.herrin.us/
Previous By Date Next
Previous By Thread Next

Current thread: