[mike_d]

People used to get really upset about such datasets because terrorism/vandalism/etc. But eventually more sane opinions prevailed as attackers don't use this type of data - they either have insider knowledge already or just drive around to scope out targets.

DHS now publishes a ton of open datasets to help with disaster planning, emergency response, and infrastructure hardening. https://hifld-geoplatform.opendata.arcgis.com/search?collect...

[chaps]

Used to?

A lot of that still happens, just instead of "terrorism", it's "crime". FOIA requests for locations of camera, alpr, and other massively used and unaudited surveillance equipment are routinely denied because it will "allow criminals to circumvent". It's all silly and benchmark moving.

[mike_d]

Yes, used to. 15 years ago trying to publish research on critical infrastructure vulnerabilities would get you a visit from the FBI (ask me how I know). Now you get invited to DC to present it in person and your remediation suggestions are taken seriously.

[chaps]

...that still doesn't mean they've stopped as a practice, on the whole, or through other intimidation methods. Hell, I'd argue that its current and subtle manifestation is more harmful on-the-whole than it used to be. Like, sure, the DHS voluntarily releases information, but that's discretionary and at their will. Eg, I sued the Chicago for database columns and table names after they argued it would be a security risk -- DHS gives that info about their own systems voluntarily. And that's even with case law from an ICE lawsuit that says schemas are exempt.

[electric_mayhem]

Ok, mike_d, but how do you know?

[sam_lowry_]

Second that!

[swarfield]

:+1: