<div dir="ltr">So in short, the <span style="font-size:12.8px">proposed rule, as drafted, would require the cybersecurity community to </span>&quot;fiddle while Rome burns.”<div><br></div><div>Brilliant...</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr">Joe Klein <br><div><span style="color:rgb(51,51,51);font-family:&#39;lucida grande&#39;,tahoma,verdana,arial,sans-serif;font-size:12.727272033691406px;line-height:15.454545021057129px">&quot;Inveniam viam aut faciam&quot;</span><br></div></div></div></div>
<br><div class="gmail_quote">On Sat, Sep 12, 2015 at 4:53 AM, Nicolas RUFF <span dir="ltr">&lt;<a href="mailto:nruff@security-labs.org" target="_blank">nruff@security-labs.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="http://www.businesswire.com/news/home/20150714006318/en/Coalition-Responsible-Cybersecurity-Formed-Prevent-Misguided-Export" rel="noreferrer" target="_blank">http://www.businesswire.com/news/home/20150714006318/en/Coalition-Responsible-Cybersecurity-Formed-Prevent-Misguided-Export</a><br>
<br>
Quote:<br>
<br>
&quot;&quot;&quot;<br>
The proposed rule, as drafted, would have four detrimental impacts on cybersecurity firms and technologies:<br>
<br>
- Cybersecurity research will be curtailed, as the rule hinders researchers from testing networks and sharing technical information about new vulnerabilities across borders.<br>
- (...)<br>
<br>
The Coalition for Responsible Cybersecurity represents a broad cross-section of cybersecurity professionals from U.S. companies, including Symantec, Ionic Security, *FireEye*,  (...)<br>
<br>
According to Ron Bushar, Global Director for Security Program Services at Mandiant, a *FireEye* Company, &quot;the rule treats these tools as though they were weapons, but in fact they are absolutely essential for every company and government that has been targeted by attackers. Every time cybersecurity professionals are asked to do defensive testing for a business—even a U.S. business with operations in Europe or South America—they would need a license. The process involved in acquiring these unnecessary government licenses would delay cybersecurity protections for months, ensuring that U.S. cybersecurity defenses will always lag far behind the hackers.&quot;<br>
&quot;&quot;&quot;<br>
<br>
Regards,<br>
- Nicolas RUFF<div class="HOEnZb"><div class="h5"><br>
_______________________________________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" rel="noreferrer" target="_blank">https://lists.immunityinc.com/mailman/listinfo/dailydave</a><br>
</div></div></blockquote></div><br></div>