Official Anonymizing

Faustine a3495 at cotse.com
Wed Sep 5 11:37:21 PDT 2001 

Greg wrote
At 04:33 PM 9/4/2001 -0700, John Young wrote:
>Look, I'll accept that we will all succumb to the power of the market,
>so limit my proposal for full disclosure to those over 30. After that
>age one should know there is no way to be truly open-minded.

>And, in the spirit of full disclosure, I'll mention that at C2Net we did 
>sell our software to the government/intelligence agencies who wanted it - 
>they paid the same prices as any other customers, signed the same sales 
>contracts (we'd negotiate some on warranty terms for big purchases), and 
>otherwise got what everyone else got - not more, not less.


Your honesty is admirable--and unlike certain other cases, I don't have any 
real reason to doubt what you say. But are you sure you have adequate 
security and counter-economic espionage measures in place? Have you had 
anyone do penetration testing lately? How much do you trust the people you 
work with? 

Wish I had a nickel for every time some young (or not-so-young)turk at a 
security conference or elsewhere started blabbing about things they 
shouldn't have out of nothing more than a desire to seem big and impress 
me. Feds and hackers alike, same old song and dance. I never even try to 
elicit information, either: I don't know, maybe it's some kind of sexist 
thing to assume a sweet-faced polite young woman could ever be a security 
threat.  The sick thing is, if I were really evil I could have made a lot 
more than a nickel... Depressing. Wake up and shut up, dumbasses. 

Back to the insider problem: It's not exclusively a moral issue--whether 
you think you have more to fear from Uncle Sam, China, or the competitor 
down the street, everyone can agree that employees who sell out your 
technology to those out to compromise it are bad news. And frankly, the 
very people who wouldn't deal with China in a million years might be the 
ones most willing to listen to agents peddling the old "in the interests of 
national security" line.  

And whereas government agencies have always had a strong "culture of 
paranoia" that at least gets the issues on the table, private companies are 
at a disadvantage because they never even saw it coming. With a lot of 
young tech companies having spent the last few years feeling fat, happy, 
and oh-so-much smarter than those fusty old feds, you've got a potentially 
massive disaster in the making.

Oh well, here's hoping you never get stung by the insider problem 
personally.

~Faustine.

More information about the cypherpunks-legacy mailing list