[AusNOG] RISK - IT Industry - Concern Over Equipment Being, Installed in Data Centre Facilities - Further Replies

[Nathanael Bettridge]

That impacts those people, not the list at large. And there’s a difference between specific and general discussions depending on the applicable laws/rules/contracts.

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of James Hodgkinson

Because sometimes, people work with/for organisations that have rules on speaking about OPSEC.

James

On Tue, 27 Sep 2016, at 12:51, Sam Silvester wrote:
On Tue, Sep 27, 2016 at 12:17 PM, Nathanael Bettridge <nathanael at prodigy.com.au<mailto:nathanael at prodigy.com.au>> wrote:

I’m not sure I can support point 4 though – there seems to be a current of “don’t discuss these kinds of security matters in public” from some list participants which baffles me greatly. I can’t see why this topic shouldn’t be discussed in this forum (assuming relevance can be established)



I agree.

Bevan - is there anything more you can share about why you are so cagey about this?

Telstra were quite open about the fire at Warrnambool exchange, and from what I can see quite often when things go wrong elsewhere in the world, RFIs are made public.

What's the 'responsible forum' for this? Why are data centres a special case of responsible disclosure (i.e. tell the operator first giving them time to rectify, then publish so others can learn lessons).

Sam

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160927/f3d6a22a/attachment.html>