IN KENYA the Agikuyu say, “Mundu utari nguku ona imwe ndagiriiruo ni gutuithia ciira wa nguku.” Loosely translated, “A person who does not have even a single hen is not supposed to be elevated to adjudicate over matters poultry/disputes. If more contextually put, a parent is wiser if entrusts their child to the care of another parent than to an individual who does not have a child -- thus lack the full experience of having and raising a child. Is is not common knowledge that kids are such bundles of joy? ;-)

Should the child under their watch falter or err, such an individual is likely to impulsively meter out terribly harsh punishments – unlike a fellow parent whom would otherwise hesitate before taking such drastic punitive actions.

On Wed, Jan 30, 2013 at 3:54 AM, Michael Haffely <[log in to unmask]> wrote:

It concerns me that "I don't use email, some would call me a Luddite" Napalitano wants DHS to have "greater access to internet and cybersecurity information from the private sector" She doesn't have anything to be concerned about or lose as she isn't a participant of/in either the internet or the private sector. She also said of a potential "Digital 9/11" "There are things we can and should be doing right now that, if not prevent, would mitigate the extent of the damage" What things? What isn't being done?

I also have doubts about the "Cyber Pearl Harbor that will occur and be as bad as the September 11 attacks" meme that is thrown about. In my opinion there has not been a Cyber Pearl Harbor threat model that isn't akin to a movie plot, and the security community is, for the most part, very good with sharing/alerting when a weird problem arises (CERT, SANS ISC, Mitre's CVE, informal lines of communication, etc.). I would encourage United States citizens to contact your representatives and let them know that this not the direction we should go, the proposed measures do little to pro-actively protect the internet as giving DHS access to "internet and cybersecurity information" will not protect, nor prevent an attack (and what would they do with it? Raid offices of companies with unpatched equipment/servers? Force them to upgrade? Require attestation of compliance?). Information of this type would probably only be useful to attempt prosecution after an event.

It's an incomplete thought but just my two cents.

On Sat, Jan 26, 2013 at 11:55 AM, Carl Smith <[log in to unmask]> wrote:

Homeland Security's Napolitano invokes 9/11 to push for CISPA 2.0

Link https://rt.com/usa/news/napolitano-us-cyber-attack-761/

Lou