Slashdot Mirror


Network Security Wishlist?

breillysf asks: "I am a California-based network security attorney who has been asked by a senior US Senator to compile a list of the most important legal concerns facing network security administrators. He has a good feel for the government security issues (and lack thereof), but he is concerned about what is going on in the front lines in the private sector. I thought the Slashdot crowd would have the best feel on the pulse of the current situation. Specifically, if you could ask Congress for help in the area of network and information security, what would you ask for? Or would you tell them to get out of the way?"

"For example, I tried to push for tax incentives for upgrades in network security measures, but the Senator replied that is dead in the water because we are now spending into a deficit. He would rather see insurance companies reward firms with lower premiums for enhanced security. But there are international legal issues, compliance issues, privacy complications, potential negligence liability exposure, lack of federal incident response, FOIA and anti-trust issues with info sharing, conflicting state and federal cybercrime and privacy laws, USA Patriot Act concerns, etc."

11 of 512 comments

  1. First post for Jesus by Anonymous Coward · · Score: -1, Offtopic
    I claim this first post for the baby Jesus.

    Yours,
    Anonymous Coward

  2. Fp by Anonymous Coward · · Score: -1, Offtopic

    Fp Damn Lameness Filter Anyway

  3. First on the list... by Anonymous Coward · · Score: -1, Offtopic

    ban all open source development. Everyone knows that all 1337 h4x0rs use Linux to cause havoc.

  4. Patch acquisition and rollout needs to be simple by bbk · · Score: 1, Offtopic

    Plain and simple, getting patches and rolling them out is a pain in the ass, for most vendors' products. I've switched most of my servers to BSD based systems, simply because it's easier and simpler for me to stop a service, do a cvs update against the patched source tree, compile and reenable the service, than it is for any other operating system.

    Windows update is ok (the 75% of the time that it works), but there are far too many interdependencies between products - for example, to apply the latest Outlook 2000 bugfix, you need to download a 50MB patch for all of Office 2000, and have an Office 2000 disk around - since all my Outlook 2000 installs came with Small Business Server, I don't have this, and can't apply the patch.

    In short, it needs to be easier to patch systems - so simple, that people will bother to do it on a regular basis.

    BBK

  5. i'll tell you what i want by Anonymous Coward · · Score: -1, Offtopic

    what i really really want

    i really really really wanna zig-a-zig-ah.

    thanks you

  6. wish list by LordXarph · · Score: 0, Offtopic

    Specifically, if you could ask Congress for help in the area of network and information security, what would you ask for?

    BAN MICROSOFT.

    -Lx?

  7. Wrong side of the bed? by Anonymous Coward · · Score: -1, Offtopic
    Note to all who post on /. -


    Please help curb angry, pointless trolls by consuming at least one caffeinated beverage prior to posting.


    And on a personal note to cmclean: Got job?

  8. Gore in '04 by Anonymous Coward · · Score: -1, Offtopic

    My complaint about George W Bush

    May I be cynical for a bit? I hope you don't mind,
    but with George W Bush's latest barrage of
    malodorous notions, I can't resist the urge to make a
    few cynical comments. To get right
    down to it, some of the facts I'm about
    to present may seem shocking. This
    they certainly are. However, it's time that a few
    facts had a chance to slip through the fusillade of hype.
    What's my problem, then? Allow me to present it
    in the form of a question: Where are the people
    who are willing to stand up and acknowledge
    that Bush, in his infinite wisdom, has decided
    to destroy the natural beauty of our parks and forests?
    On the surface, it would seem to have something to do
    with the way that his whole approach is repugnant.
    But upon further investigation, one will find that
    by allowing Bush to put mephitic thoughts in our
    children's minds, we are allowing him to play puppet master.
    As for the lies and exaggerations, Bush's
    epigrams are rife with contradictions
    and difficulties; they're entirely maladroit,
    meet no objective criteria, and are unsuited
    for a supposedly educated population.
    And as if that weren't enough, if Bush is going to
    obstruct important things, then he should at least have
    the self-respect to remind himself of a few things: First, a
    true enemy is better than a false friend. And
    second, many people respond to his debauched vituperations
    in much the same way that they respond to television
    dramas. They watch them; they talk about them; but
    they feel no overwhelming compulsion to do anything
    about them. That's why I insist we pronounce the truth
    and renounce the lies.

    Even people who consider themselves scornful
    foolhardy-types generally agree that Bush's slurs
    symbolize lawlessness, violence, and misguided rebellion
    -- extreme liberty for a few, even if the rest of us
    lose more than a little freedom. One might conclude
    that Bush is incapable of writing a letter without using
    such phrases as "crapulous pop psychologists", "loquacious
    exhibitionists", "oppressive personae non gratae", or
    some combination thereof. Alternatively, one might conclude
    that Bush has a different view of reality from the rest of us.
    In either case, if you're not part of the solution,
    then you're part of the problem. His historical record of
    fickle pleas is clearer than the muddled pronouncements
    of his apple-polishers for a variety of reasons. For
    instance, the worst sorts of inconsiderate Neanderthals there
    are must be treated with political justice, not with
    civil justice, as they are sincerely not real citizens. Let me
    rephrase that: I wonder if he really believes the
    things he says. He knows they're not true, doesn't he?
    A complete answer to that question would
    take more space than I can afford, so I'll have to give
    you a simplified answer. For starters, if
    we let him cause riots in the streets, then greed,
    corruption, and tribalism will characterize the government.
    Oppressive measures will be directed against citizens.
    And lies and deceit will be the stock and trade of the
    media and educational institutions.

    Even Bush's bedfellows couldn't deal with the full impact of
    Bush's refrains. That's why they created "Bush-ism," which is
    just a garrulous excuse to force square
    pegs into round holes. He plans to drag everything
    that is truly great into the gutter. He has instructed
    his votaries not to discuss this or even admit to his
    plan's existence. Obviously, Bush knows he has
    something to hide. Most of you reading this letter
    have your hearts in the right place. Now
    follow your hearts with actions. I have traveled the length and
    breadth of this country and talked with the best people. I can
    therefore assure you that Bush's artifices cannot stand on
    their own merit. That's why they're dependent on elaborate
    artifices and explanatory stories to convince us that Bush's
    warnings can give us deeper insights into the nature of
    reality. We can and we must protect ourselves by any means
    necessary against the unrestrained bestiality
    of stupid, quasi-macabre paper-pushers. And that's the honest truth.

  9. Microsoft Antitrust by remande · · Score: 2, Offtopic
    The Microsoft monopoly is one of the Internet's biggest security holes.


    In a competitive OS environment, security would be a selling point in today's new world. But it isn't. All these Word and Outlook viruses are Microsoft-specific.


    Microsoft products are regularly cracked for two reasons. The first is that, being a monopoly, they are ubiquitous. If Yale was the only company in the nation making padlocks, criminals would only study Yale padlocks and learn to crack them, no matter how well they were built.


    The second is that Microsoft is not particularly security-conscious. The road to Windows started in DOS, which needed no security--it couldn't be networked! All the DOS-based Windows--3.1, 95, 98, ME--either have no security or had security put in after the fact. Only Windows NT, 2000, and (perhaps, I don't know) XP were built with security in mind at the beginning.


    Even with that, Microsoft has made a conscious decision to promote ease of use over security. It's always a trade off: security is obnoxious. If you don't believe me, think back to the last time you misplaced your car keys. Microsoft's decision has been wonderful in giving the average user unprecedented access to information, but just as wonderful in giving the average computer criminal unprecedented access to everyone else's information.


    DoJ vs. Microsoft is still going on, last I checked. Anything that creates competition in the OS market will help secure the Internet. Vendors are likely to make security a selling point, and criminals will have to learn to crack multiple platforms to commit their crimes.

    --

    --The basis of all love is respect

  10. Re:Don't ban tools! by BiggestPOS · · Score: 0, Offtopic

    By thugs in black suits you mean lawyers right?

    --
    What, me worry?

  11. What the fuck's wrong with the moderators? by drsquare · · Score: 0, Offtopic

    It seems every other post starting a new thread has been moderated to 5, and most of them are shite. What is going on?