CERT to sell security threat information

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Aprile 2001 ml@sikurezza.org
Soggetto: CERT to sell security threat information
Mittente: Igor Falcomata'
Data: 25 Apr 2001 02:59:15 -0000

l'avevo gia' notato/letto qualche tempo fa ma non avevo avuto occasione di
postarlo.. cmq, da http://www.atstake.com/security_news/

CERT to sell security threat information
contributed by lafcadio (Apr 23, 2001 2:03 pm EST) 

The taxpayer-funded CERT organization, formerly known as the Computer
Emergency Response Team, has announced that it will begin selling private
sector companies security alerts before the standard 45 day waiting period
currently in place.

Previously, the organization had notified only the Department of Defense and
the General Services Administration in advance. CERT waited before releasing
alerts to the public, in order to give software manufacturers a chance to
fix problems. Security alerts will still be made public after 45 days, but
only paying members of the Internet Security Alliance and the government
will receive advance notice.

CERT has been under pressure for some time now to reduce or abolish the 45
day waiting period and also to become more financially self-sufficient. The
Internet Security Alliance is open to any company and will require
membership dues ranging from $2,500 to $70,000, based on the applicant's
revenue.

Initial reactions from the general population are mixed, but many people are
frustrated at the notion that they will need to pay money to access public
safety notifications from a taxpayer funded agency. Other groups that
release information for free may see an increase in activity at their sites
as a result.

http://www.cert.org
http://www.zdnet.com/zdnn/stories/news/0,4586,2709721,00.html
http://www.cnn.com/2001/TECH/internet/04/20/cert.sells.info.idg/index.html
http://www.msnbc.com/news/561513.asp

--

in questo caso dovremmo essere meno offesi, perche' non siamo taxpayer
diretti, ma cmq non e' una bella cosa... :( anche se poi il CERT e' vero che
attualmente conta relativamente poco e gli advisor passano piu' spesso da
altre parti e con modalita' ben piu' rapide..

bye
Koba (moderatore)

-- 

Igor Falcomata'
IT Security Manager & Consultant
Infosec srl - http://www.infosec.it
Network Security and Data Defense
 --
free advertising: www.openbsd.org - Multiplatform Ultra-secure OS

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List

Data:
- precedente: Re: DAC e MAC?, Igor Falcomata'
- successivo: atstake, scai
- indice

Argomento:
- precedente: Re: servizi chrootati [proftpd], Igor Falcomata'
- successivo: atstake, scai
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005