Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Government Networking Security The Military IT Your Rights Online

DARPA Seeks Input On Securing Networks Against Attackers 119

Posted by Unknown Lamer
from the license-required-to-surf dept.
hessian writes with an article in Wired about the problems facing the U.S. Government's networks in an increasingly hostile world. From the article: "The Pentagon's far-out research agency and its brand new military command for cyberspace have a confession to make. They don't really know how to keep U.S. military networks secure. And they want to know: Could you help them out? DARPA convened a 'cyber colloquium' at a swank northern Virginia hotel on Monday for what it called a 'frank discussion' about the persistent vulnerabilities within the Defense Department's data networks. The Pentagon can't defend those networks on its own, the agency admitted."
This discussion has been archived. No new comments can be posted.

DARPA Seeks Input On Securing Networks Against Attackers

Comments Filter:
  • Secure systems (Score:5, Interesting)

    by Tomato42 (2416694) on Tuesday November 08, 2011 @09:36AM (#37984140)

    Start using systems that were designed to be secure in the first place. Stuff that works on a "deny by default" basis, that refuse to process any data that it doesn't understand, use OCSP as a white list on the CA side, defence in depth: use strict validation of input on multiple levels (when making web app: using default deny application firewal, then strict validation in form processing and finally use modular application design that validates data received from other modules) and so on.

    This will require throwing away most, if not all, software in use. Including OSs, probably even Linux as I'm not sure if SELinux (or other such systems) go deep enough on the kernel side. Then making new software from scratch with primary design objective to be secure. As no politician or PHB can justify spending this amount of money on such nebulous concept as security, the whole idea will fail. Because this won't eliminate, just reduce the number of security related bugs, won't help the cause.

    We have to start by teaching new programmers how to make secure systems first (and I repeat, systems, not just programs) and just then how to program.

After any salary raise, you will have less money at the end of the month than you did before.

Working...