Department of Homeland Security Wants Nerds For a New "Cyber Reserve'" 204
pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"
NO! (Score:5, Funny)
Re:NO! (Score:5, Funny)
Maybe not but if they handed out T-shirts, geeks would be all over it.
I WANT YOU! (Score:2, Funny)
http://www.nationaldefensemagazine.org/archive/2011/August/PublishingImages/Cyber_UncleSam.jpg
Re: (Score:3)
Re: (Score:2, Insightful)
It shows you have better taste than all them kids theses days, with their colorful bovine
Re: (Score:3)
you cannot commandeer /.!
Warmly recommend DHS to try at 4chan: recruit them young, you know! (grin)
Re: (Score:2)
DHS -> Pays 4chan to run ads for them, is surprised by the number of applicants.
Re: (Score:2)
And most turn to be fake applications, just to generate ad revenue for 4chan.
Re: (Score:2)
Doesn't this seem like a GREAT OPPORTUNITY for an Anonymous op?
#OpReserves Sign up now!
Go for it, kids!
Re: (Score:2)
Oh deer. :P
Re: (Score:2)
Yes they can. How exciting!
It'll be just like this! [youtube.com]
Well, except for the friends, party, and wife.
Cyber Reserve? (Score:5, Funny)
You know they are jealous of Best Buy and wanted to call this the Geek Squad.
Re:Cyber Reserve? (Score:5, Funny)
Re: (Score:2)
Applied where?
Are you serious? On the Internet, obviously.
Re:Cyber Reserve? (Score:5, Funny)
I figured Cyber Men would be a better name for an extended army of...
Oh.
Re: (Score:2)
Cyber this, Cyber that.
Fuck.
If I have to read the word "cyber" one more time my head is going to explode.
Re:Cyber Reserve? (Score:4, Funny)
Cyber!
a/s/l?
You know I've been wondering about this.... (Score:5, Insightful)
And if you think I'm exaggerating, you either aren't working in tech or you're not paying attention.
Re: (Score:3)
The USA usually finds just the people they need for any role.
NSA, CIA, DIA know where to find people, get them into crypto, make life more easy as they move up the advanced math ranks.... or trade tracer fire during peace time in distant lands.
The TSA found its people in other parts of the US and even the tame US press seems to have to report on the lack of basic background reports on staff, missing items... but they had the 'hands' on skills needed...
So what
Re:You know I've been wondering about this.... (Score:4, Insightful)
Re: (Score:2)
You are right, there are not a shortage of VB programmers. There are plenty of 40 year old guys that claim they have 25 years experience in software development and want >$100k. Unfortunately, 99.9% of them turn out to hardly know how to operate a computer effectively, much less write software for it.
There is, indeed, a shortage. I have spent my whole career in IT involved in, or responsible for hiring team members and we frequently spend months looking for a person (and then end up compromising).
All
Re:You know I've been wondering about this.... (Score:4, Insightful)
There is hardly ever a shortage of skills at such a geographically large scale, rather there is a shortage of candidates willing to work at the offered rate. If there really was a true shortage, as will all supply and demand scenarios one would see a significant rise in pay rates across the sector, which as not happened.
Re: (Score:3)
Re: (Score:2)
And they already have it compromised, so what would be the point?
Assembling? (Score:5, Funny)
Or rounding up?
[puts on tinfoil hat]
Comment removed (Score:5, Interesting)
Re: (Score:2, Insightful)
The enemy is trying to blow up shopping malls and Christmas tree lightings, not prevent those actions. Very few people will shuffle off this mortal coil due to a pat-down for refusing the back-scatter sensor, or from having excess shampoo removed from their baggy of liquids before boarding a flight. Very few people will survive having a building collapse on top of them, their plane being flown into the ground, or standing too close to a truck bomb that goes off 50 feet away at the mall.
I would say that so
More like dividing and conquering (Score:5, Insightful)
Look she spouted a lot of garbage about 'cyber-geddon' and it was torn apart by geeks pointing out that hacking a web page of a power station with its 10 visitors a day, is not synonymous with attacking the power station, and that the fix for these problems is to keep critical stuff on private network links.
So they hire a few geeks who will talk sh1t to attack the real enemy, us and our plain talking common sense! The War on Common Sense!
I noticed that the Russian Hacker, Georgia revealed a few days ago, was a sad man living in a crappy room, not a soldier in a military uniform surround by War Game screens. They are just a pest, and for Georgia it should have patched its servers and locked down its logins, even for the government websites so he couldn't deface them.
If you have a problem, you fix the problem, you don't declare war on it.
Re: (Score:2)
I don't think the US is worried about traditional a-hole "hacker" who is deluded into thinking cyber-vandalism is a good thing. I think now that Israel and the US teamed up to cyber-attack Iranian nuclear enrichment facilities, the entire world is racing to bone up their cyber-warfare divisions. Real war stuff where people die, not just kids who misunderstood what the term hacker meant.
Has anyone heard what the extra transistors TSMC was adding to every Xilinx FPGA were for? I doubt they're a good thing.
Re: (Score:2)
Or rounding up?
My thought exactly. You're looking at the official suspect list when our digital armageddon finally comes...
If it worked like the Army reserve, I'd be in. (Score:5, Interesting)
Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house. I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.
Re: (Score:2)
Count me in too. Well, assuming "preparedness drills" involve donuts instead of pushups.
Re:If it worked like the Army reserve, I'd be in. (Score:5, Informative)
.
You do know that :
-- quite a few of the reserves are actually deployed at the present;
--a lot of the National Guard is called out and deployed at the present;
-- a lot of people who have finished their tours are told that they must re-up.
.
Even if they are not deployed overseas, they are often activated to take the place on base of combat troops who are deployed overseas. So if you're part of the Ready Reserve [wikipedia.org], be ready to be deployed at any time of need. Not that there's anything wrong with that. Just know about that ahead of time.
Re: (Score:3)
The relative number of reserve and National Guard active are not that large compared to the total reserve force. The current goal is no more than three or four deployments over the course of a career - assuming there is a need for that force level deployed to a war zone, which seems unlikely to me.
Managing the Reserve Components as an Operational Force [defense.gov]
In January 2007, the Secretary of Defense established total force utilization guidelines that included the planning objective for involuntary mobilization of National Guard and Reserve units and individuals of a “one year mobilized to five years demobilized ratio.” This guideline does not mean that every Reserve member will serve one year out of every six years. . . .
Many skills that are useful to the uniformed military are difficult to acquire through traditional accession policies, are challenging to obtain on short notice, or are only needed for a limited duration. These skills might include cutting edge, technical skills such as those possessed by engineers, scientists, or information technology professionals, as well as specialized skills such as languages and cultural understanding. Flexible affiliation options allow the Services to meet requirements with individuals who may be willing to volunteer for some form of military service for short periods of time or in response to specific emergencies, but for whom traditional affiliation programs are not of interest. Thus, removing barriers that limit Reserve members from contributing more to defense missions is an ongoing and necessary process.
- - -
-- a lot of people who have finished their tours are told that they must re-up
I think you're confused. Service members were not told they must re-up, but rather some had their service period involuntarily extended by a "Stop Lo
No functional difference. (Score:3)
.
Those are two phrases that parse out to the same func
Re:If it worked like the Army reserve, I'd be in. (Score:5, Informative)
I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.
If they actually pay you for it, I doubt they'd let you do it at home.
Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house.
The US military is famous for switching job descriptions once people have entered their ranks.
Many people want to be Air Force pilots for instance, so they sign up with the Air Force, but when they find that it's really too competitive to be a pilot, or they don't have the political connections to make that happen. It's too late already -- they've signed on the doted line. The same goes for State Military Reserves, most thought they were committing themselves for a limited time duration of possibly doing disaster relief work, or at most that they might fight within the US in case it ever got attacked, not they were going to fight in Iraq in a pre-emptive war, and nor did they know that their contracts could be changed indefinitely at will.
Re:If it worked like the Army reserve, I'd be in. (Score:5, Interesting)
That's not switching the job description, I'm pretty sure you sign up to be in the Air Force, I'm pretty sure they won't promise you'll be a pilot or a sniper before you sign up (maybe that it's a possibility).
Fine, disregard my Air Force example, but what about my Reservists example?
That's like signing up to work at best buy and then saying they duped you when you don't become manager.
This is true enough, may be not about Best Buy, I don't actually know that many people who dream of becoming Best Buy managers, but this does happen in other professions. For instance, in law firms, the carrot of becoming a partner usually gets bandied about for seven years, even if they know from the start that you'll never make the cut.
And this is different from the military, because the military is not some law firm you can join one day, and then quit the next as their lies get revealed to you. If you ever join the Reserves, they'll own you from that point forward. It doesn't matter if you fulfilled your contract, and retired from the military. Current events have shown that it's far more palatable to the American public to back-draft reservists into the military than to enact a mandatory draft, or to pay them actual wages super high enough that would make them want to actually go back.
Also, changing job description is not the only lie recruiters will tell you. See article below.
[...]
Last year, ABC News armed a group of high school students with hidden cameras and sent them into ten Army recruiting stations in in New York, New Jersey and Connecticut, posing as potential applicants. Sadly, the Army failed this particular recruiting ethics test. More than half of the recruiters were caught on tape making what can only be kindly referred to as "misleading" statements. In other words, they lied.
One recruiter was filmed telling the applicant that his chances of being deployed to Iraq or Afghanistan after basic training and job school were"slim to none." One recruiter bluntly stated that the Army wasn't sending people to Iraq anymore -- in fact, they were bringing them home. One simply said, "War? What war? The war ended years ago."
Another recruit was told he could quit the Army anytime he wanted to, just by asking, under a "failure to adapt" discharge. (Hee, hee.....Go ahead. Tell your drill sergeant you want to quit. But, make sure you tell me in advance. I want to sell tickets.)
[...]
Top Ten Lies Told by Recruiters [about.com]
up till your called in and end up on a year long p (Score:2)
up till your called in and end up on a year long project and then what happens when you go back to your job??? The law says they can't do anything but you may have to stand up for your rights.
Re: (Score:2)
Re: (Score:2)
Please, just stop... (Score:5, Interesting)
Espionage is espionage, regardless of wether it's someone sneaking documents out of a building or tapping into someone's computer system. Just because something happens on a computer does not automatically make it a new class of crime for which there must be an immediate expenditure of untold sums of taxpayer money.
So please, governments....stop with the crap already...
Re:Please, just stop... (Score:4, Insightful)
Re:Please, just stop... (Score:5, Insightful)
But but but people connect their power plants and natural gas pumping stations to the internet because they wanted to post some updates on their facebook or do a foursquare checkin and they forgot their iPhone at home! Then when some work gets into these control systems and causes problems (maybe even people could die), it is not because of action of some locals that hooked up critical systems to the internet. It will be "digital perl harbor"!!
In politics it is not about rationality and common sense. It is about posers and perceptions. Hell, that's how we almost all died back in the engineered "Cuban missile crises".
So when some retards screw up a power grid, the result will be "how do we respond?!? war! WAR!", not "why were these systems on unprotected networks?".
Times change, but our thought patterns seem to clearly remain back in the stone age. DHS just proves the point once again.
the power grid needs to link all the plans and sub (Score:2)
the power grid needs to link all the plans and substations to each other so they can control all the switches on the lines.
Re: (Score:2)
Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?
If they need to be connected to a network, make it a private network and most of these issues go away.
There is no sane reason that these networks and these facilities should not be air-gapped from the internet at large. There are ways around the air-gap (stuxnet), but even these are trivial to prevent by not allowing random USB keys from outside by gluing the port closed and/or securing the hardware prope
Re: (Score:2)
Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?
You mean you don't detect when your power station has been hacked by seeing whether the generators have unfriended you?
Re: (Score:2)
There is no need to try and compare unlawful access to a computer system by a foreign entity to an attack that killed thousands of people and drew the US into one of the bloodiest conflicts in human history.
Yes there is if you are looking to provide a justification for continuing to feed trillions of dollars to the military-industrial complex.
Re: (Score:3)
Regardless of terminology, a massive attack on the virtual infrastructure is a different class of attack and requires a different class of defense. The term 'cyber Pearl Harbor' is ridiculous and disrespectful to those who were at the real Pearl Harbor. Also, DHS is probably the worst department to be in charge of, well, pretty much anything. The NSA would be a much better choice.
With that said, I think it's not too bad of an idea once you realize what the proper response is to a massive attack on the en
Re: (Score:2)
Espionage != sabotage
Look at the computers on the desk here:
http://ronslog.typepad.com/ronslog/2008/05/eagle-mountain.html [typepad.com]
Any clues as to control over some of the SCADA systems here might do?
in my best "say what again!" voice: Tell me it's not gonna cause problems!
Re: (Score:2)
Sabotage, and even assasination have been part of espionage for quite a while. Neither of the necessarily means war.
Re: (Score:2)
Espionage is espionage,
So far it has been, but what happens when it isn't centrifuges targeted, but humans? Train crashes and infrastructure failures?
Re: (Score:3)
Why would this hypothetical plant be connected to anything?
If it has data connections to anything more than the other ends of the intake and outflow pipes the people who decided to include such connections should be charged with treason and shot.
If it can be hacked via a genuinely-needed connection the people who made the hack possible should be charged with treason and shot.
Re:Please, just stop... (Score:5, Informative)
Ummmmmmm...
Have you just not been reading anything at all about the pervasive SCADA security holes that keep popping up everywhere? Hooking industrial control hardware to the internet to centralize monitoring, control and update has been a huge industry movement. Combine that with a mindset in the SCADA industry and end users that is much more focused on reliability than security and you get the equivalent of thousands of pieces of hardware on the internet with the security equivalent of a wireless router with the default admin account and password.
The SCADA security holes have only recently come to the attention of the industry. I can assure you that there's a giant collective brick being shat over it but fixing this stuff takes time.
And foaming at the mouth about honest mistakes isn't going to solve anything.
Re: (Score:2)
Re:Please, just stop... (Score:4, Informative)
I have access to some of my customers sites remotely, all of them are through secure VPN then either RDP from the secure connection or in one case through citrix to the computer in question. If their IT dept can't sort out VPN security that is another issue entirely.
When it comes to industrial gear stability is #1, #2, #3 and #4 on the list of priorities, and #5 is physical security, most plants that I have worked at are fenced and require you to go through a gate house of some sort before you can enter site, this is not because they are doing some super secrete work it is for liability issues, if some retard sneaks onto the site and gets an arm ripped off because they put their hand in some bit of plant, the fines and paperwork would be hideous.
Most computers on industrial sites will be running unpatched XP SP2, but it is ok because there should not be any internet connection to these machines. USB's should also be limited to trusted ones for backups.
Ok rant over.....I could go on....
to bad PS2 ports are going away (Score:2)
to bad PS2 ports are going away now there should be some kind of NEW PC's (yes that means dells, HP's, ECT) with PS/2 ports or even a pci / pci-e PS2 card.
So you can have a secure pc system that does not have USB or has USB that is 100% off.
Re: (Score:2)
T.F.A. is talking about military/gov't and you're talking about industry...
Conflating and misleading (Score:2, Interesting)
"The SCADA security holes have only recently come to the attention of the industry. I can assure you that there's a giant collective brick being shat over it but fixing this stuff takes time."
Rubbish.
What DHS is doing talking and what you also did was this:
a) Talking about SCADA system vulnerabilities and mentioning STUXNET as evidence of it (and not mentioning that it had to be introduced by a spy inside the plant and not internet facing)
b) Talking up cyber intrusions on web servers (which are internet fac
Re: (Score:2)
of course there should be an air-gap on any plant system like this, and likely is...
But then again there are things specifically targeted at jumping air-gaps.
I dont think there are any "experts" who believe stuxnet/flame hit targets directly.
I dont think these plants would have information security on par with nuclear power plants
But hey what do i know!
The preceding post brought to you by: Conjecture.
Re: (Score:3)
We're talking about China deciding that the USA needs to be taught a lesson.
Why would China want to teach the USA a lesson? The Chinese already own most US debt.
The only reason the US could be justifiably paranoid about what China can/can't do to them, is if the US intends to default on China, stop paying interest, and pre-emptively attack China to get out of the situation.
Re:Please, just stop... (Score:4, Informative)
>The bacteria that enter the drinking supply poisons a good portion of an entire city and thousands (if not tens of thousands) die.
Because no one, not even the people there at the plant, notice that the sewage is going into the water, and no one notices that the water smells funny, etc., etc. NYC is dealing with something like this right now in the wake of hurricane Sandy. See http://www.huffingtonpost.com/2012/10/30/hurricane-sandy-sewage-toxic-_n_2046963.html [huffingtonpost.com].
Killing people with computers is a LOT harder than killing them with kinetic weapons because, aside from people being monitored by computers in hospitals, most people aren't directly relying on the computers to keep them alive.
The north eastern US suffered a major, multi-day blackout a few years ago. It did not bring the country to its knees. Similarly, regional weather events may shut down transit/business/etc., but people are moving to backup systems (e.g., walking/biking to work in the case of NYC) and dealing for the time it will take to bring the systems back online.
Any cyber attack that could actually meaningfully harm the US would cross the line into casus belli and likely receive a kinetic response.
It's possible that some kind of cyber attack could be used as a distraction or to syphon off resources while a kinetic attack takes place, but that's still assuming some other nation believes it is in their national interests to get into a shooting match with the US.
Sen. Lieberman had an opinion piece in the NYT (http://www.nytimes.com/roomfordebate/2012/10/17/should-industry-face-more-cybersecurity-mandates/the-cyber-threat-is-real-and-must-be-stopped-by-business-and-government) supporting your position. Numerous real security professionals would disagree, from Bruce Schneier (http://www.schneier.com/blog/archives/2012/10/stoking_cyber_f.html) to people like Scot Terban (http://www.schneier.com/blog/archives/2012/10/stoking_cyber_f.html).
Re: (Score:2)
Re: (Score:2)
Copy/paste fail. The link to Scot Terban's article at krypt3ia is http://krypt3ia.wordpress.com/2012/10/29/the-threat-is-real-and-must-be-stopped-clarifications-and-rebuttal-by-an-infosec-professional-final-draft/ [wordpress.com]
Re: (Score:2)
Near me wastewater treatment plants are not at the same place as the fresh water intakes.
Re: (Score:2)
Don't sign up the best, send away the worst (Score:2, Funny)
I can't help thinking we'd be better off sending our very worst programmers overseas instead. If you really are a computing screw up, the kind of guy that turns a "hello world" into an infinite loop, your truly are an asset to this nation and we'll gladly sponsor your job application to iran or north korea. Problem solved.
really? (Score:3)
well then it's time for the people in charge of this, who were probably the lawyer/prep/ivy league have-it-alls in highschool, to get over their cliquish demands for irrelevant shit like dresscode conformity, good looks, superficial pop culture interests, and top tier athleticism if they want the very best technologists. Of course, if these assholes had learned anything since high school, they'd realize calling anything 'cyber' or 'virtual' scares away the people they're trying to bring in before they even start.
sorry leon (Score:4, Funny)
Worried about cyber perl harbor? Give me a break. (Score:3, Informative)
If that were true, it would have already happened by now. I mean, wtf are the US's enemies waiting for?
Here's what someone said back in 1998: [fas.org]
Excuse me if I can't take the government seriously about preventing a cyber "Pearl Harbor". What'll happen is that there will be some attack w
They don't pay. (Score:2)
Why would you hire an expert computer hacker/programmer/systems guy/girl if they can get paid 3x the amount working in a private company?
If you want to create an elite set of 'ubergeeks' you need to pay them a lot of money, allow them to work in jeans and tshirts, endless supply of mountain dew and snacks.
Or otherwise work for Google.
Re: (Score:2)
a team of agents talked to your grandparents, parents, friends, other extended family, teachers all over the USA and you passed...
That feeling of knowing your in for life and your clearance might help your kids get a good job?
That feeling of knowing your clearance is good for the public and private sector or an effortless mix of both.
That feeling of knowing all private companies in the USA use your netwo
Re: (Score:3)
There's no shortage of very technically savvy people in the military and other branches of the federal government as well as academia. All of those pay well below the industry average. Not everyone is solely motivated by money.
You seem to think that the military is solely composed of 18-year old recruits from the ghetto. I seem to recall that digital computers, the internet and even the space race all have their roots in military R&D. One might make an argument about the relative creativity/research
Aight (Score:2)
CYBER (Score:2)
Yes I'm sure that Network Security
Specialists enjoy anything related to the word
CYBER, it is like the New Wave era of
HACKING (not to be confused with
cracking)... or something like that
Sure, with some conditions... (Score:2, Insightful)
How long until I qualify for a pension, and
Do I get to hack other countries for fun and profit without worrying about legal repercussions?
(Hey, the SCADA hacks on Iran sound like pure geek porn. Don't lie, you all wish you could have done that without fear of the MIBs showing up at your door to ship you off to Gitmo!)
Oh, and most important - I want a guarantee, in writing, notarized, and reviewed by my lawyer, that they won't ship me off to die in some foreign sandbox (no tech-p
Re: (Score:2)
It does sound like fun and I would enjoy it given the right working conditions, though I imagine these are highly unlikely to be found in a military operation.
However, no lawyer can get you the guarantee you're looking for. If you are a male and a United States citizen, you'll remember having registered for Selective Service ("The Draft") before your 18th birthday. Under the right conditions any registered person can be called up for service, all it takes is an act of Congress.
Re: (Score:2)
True, of course, but an extreme situation (and one in which I would have no qualms about telling them where to stick their "act"). I'd rather spend a war in Canada than getting tortured by Muslims/Koreans/UnknownFoeX, thankyouverymuch.
I mean more of a basic contractual agreement - Short of Congress choosing to terminate my interest in the well-being of the USA, an understanding that I w
I'll work cheap... (Score:4, Funny)
...just hook me up with some of them Colombian hookers the Secret Service has been recruiting for their Randy Reserves.
Avengers rather than 'excitement' (Score:2)
It could be a hard sell, but if Samuel L. Jackson called, I'm sure people would join. Of course, Anonymous would have to kill the Phil Coulson of nerds first.
"There was an idea to bring together a group of remarkable people, so when we needed them, they could fight the battles that we never could... "
useless.......... (Score:2)
This whole thing is useless, and counter intuitive.
Essentially, government is going "ZOMG! We have (t)error(ist)s causing problems in our networks causing mayhem and loss of our priviledged informations!" And instead of going "hmm.. maybe we should audit our standards and practices, and actually hire people who know what they are doing...", they instead proclaim "we must create a new branch of the armed forces to be responsible for our existing and unwieldy information infrastructure! We'l call it "cyber so
New Perl Harbor: The Sequel (Score:4, Funny)
"When you see the part where Leonardo DiCaprio telnets into the Pentagon and sends drones to Moldova, you'll shit your pants!" -- Sock Puppet Reviews
"If you told me Justin Bieber could've played such a convincing hacker, I'd have laughed in your face" -- Hillary Clinton
"It brought tears to my eyes, and I was a POW." -- J. McCain
"Thank Yahweh for benzodiazepines! " -- Janet Napolitano (Eight-Time Mother of the Year Award Winner)
"You'll need your Mountain Dew for this one!" -- Anonymous
*Partially plagiarized from wikipedia [wikipedia.org].
Military Intelligence (Score:3, Interesting)
Didn't we all get into technology for the meetings, the red tape, the bureaucracy, the TPS reports, the PHBs (pointy haired bosses)
In no particular order, the Heroes at Homeland Security will clap the leg-irons onto all their tame geeks, will lock down every box, will firewall every internal network, will take away every admin priv, will assign a "handler" to every geek with veto authority on every mouse click. And then? Of course the token techies will be crucified for not being able to use their non-existent resources to defend Wal-Mart from the script kiddies
They're looking for scapegoats my friends, don't fall for it
I'm confused (Score:2)
Not a chance in Hell ... (Score:3)
The DHS is the worst idea to come out of Washington and that's a town that's pretty much only ever generated bad ideas. I'd rather be waterboarded than lift a finger to suport that particular government agency.
Re: (Score:2)
It'll be like Pearl Harbor (Score:2)
...TIMES A THOUSAND.
Re: (Score:2)
Do you has? (Score:3)
All right maggot, fallout! Colonel Homestarrunner is recruiting the most elite team of crack commandos to invade Strongbadia. Do you has what it takes to join the Homestarmy? Will you bring a sack lunch and some orange slices for me and serve your country? WILL YOU STUPID!?
private companys are the ones with poor securtity (Score:2)
private company's are the ones with poor security and some has to do with cut backs and other PHB driven stuff.
Like PHB buying stuff on the golf course with out getting tech people there to do a look over.
Staff cut backs that leads to people being over worked / not have the time to do security right.
Old hardware / software that forced them to use systems full of security holes.
outsourcing / 3rd party's techs that can have lot's of trun over / overhead and propel who don't know whats going on. There is this
Every time I read or hear "Homeland" I think (Score:5, Insightful)
Hitler and the motherland....
Re: (Score:2)
Capability Based Security (Score:2)
Capability Based Security can make our systems secure. The Unix security model was optimum for CS labs in the 1970s... but it clearly isn't suitable for mobile code in a network of 1,000,000,000+ hosts.
Only give a piece of code the resources it needs to do it's job, and it can't take the world with it.
Your intellectual inertia biases you against change... it's time to grow up and really think about this.
Re: (Score:2)
Capability Based Security can make our systems secure.
It would help, but you have to be hard-assed about who gets what capability tickets. No, Angry Birds, you can't phone home and share high scores (and user ID info). No, you can't paste data from emails into the banking program.
There are a few things that ought to be done, at least as demos. An EAL 7 BGP server and an EAL 7 DNS server, formally verified down to the machine instructions, would be a good place to start,
Re: (Score:2)
No, you can't paste data from emails into the banking program.
Ugh - I can imagine how well that would go over at work. That's the problem - we can't even figure out if a piece of code will run to completion, let alone whether it is doing something "bad."
I do think capability-based security is a good idea, but the fact is that if you want people to get anything done things will still need to be reasonably open. You can't live like you're in a perpetual state of war...
Umm... from a person that... (Score:2)
From a person that doesn't do email. Truly, truly incredible.
I know this will ruin my Karma, and... I have never used this language in a public forum in my life, but, it's warranted...
Not only "no," but "HELL NO!" you Hitlarian Fascist bitch.
There it is again... (Score:2)
...circus music. Where is it coming from?
One nerd's reply (Score:2)
"Why don't y'all take that badge and shove it up your ass. All up in your ass." I'm American.
checks (Score:2)
Ready to assist, make check payable to me.
Change the law (Score:2)
Want hackers working for you? Change the law so that ponting out a security hole doesn't land the guy in jail. Suddenly, the majority of 'cyberterrorists' will be working for you.
welcome back to the 90's! (Score:4)