Slashdot Mirror
U.S. Gov't Sponsors InfoSec Defense Training
Anomolous Cow Herd writes: "CNN is reporting that the U.S. government is awarding scholarships to a select few computer science students to study information security, with the caveat that they must agree to work for a government agency for at least two years afterwards. This is in response to the general state of paranoia that has ensued since 9/11, with 'cybersecurity' as a high priority. Considering that a vast majority of government agencies run on Windows NT and derivatives, it's no wonder that they consider the eventual graduating class of 180 'doesn't have a chance.'"
Seems hardly worth the deal :P
FP#2?
but I don't know if this is a good idea. Should we really have the LINUX using 14 yr old hackers working with Government secrets like this? Can you really trust illegal hackers like this?
Greetings, for free software!
that usually, many of the most brilliant people aren't that interested in school.
I'd rather see people get scholarships for IT security than for the ability to run fast with an oblong ball.
Granted, the US government runs mainly under Windows systems, but if these students are getting good educations in computer security and are supposedly going to be an influential voice in what the government buys as far as new equipment and such, do you think this will help Linux to be used more in government? I think if this were to happen, it would, consequently, generate great PR among other copmanies that are concerned with keeping their information secure.
could NT
would NT
should NT
even in severely depressed times in the tech industry security guys can get sh*t loads more money in the private sector.
You can request free computer security training information (mostly on CD) from DISA.
http://iase.disa.mil/eta/index.html
Old news.
, 00 .html
http://www.wired.com/news/politics/0,1283,46567
Yeah, because if they were running some UNIX flavor, their systems would be more secure ah? Just subscibe to some security mailing lists and try to filter out Windows*/UNIX vulnerabilities/exploits.
Quite amazingly you will realise that most of them are UNIX (vast majority Linux, then some HPUX/Solaris/IRIX).
Not a flamebait, but really disguss me all these creeps that try to bash Microsoft at the first chance.
Kisses.
two years and one month after the first class graduates a new consulting firm will be organized because these programers will realize that they can make 100 times as much by getting hired as outside consultants doing the same job. I don't think that in two years the government is going to get their moneys worth. Are they tring to make life time employees of the state? It won't work. On the plus side their will be a few happy students with scholarships
Business News and Resources: www.usasource.net
Couldn't tell whether this was supposed to be an April Fool's joke or not...
SpamNet - a spam blocker that really works
Hi!
My name is Osama Ben Logan and I would like to apply for a scholarship and two years employment managing computer security in a sensitive government facility.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Get it here, only 5tb download!
While the VERY FIRST PARAGRAPH of the article reads:
Ya know what? Other than putting some additional paranoia in the public (and management) mind, infosec has little to do with terrorism. Sure, the politicians like the run around screaming "digital pearl harbor". But the general state of most organizations' infosec stance has been in shambles well before 9/11. And those vulnerabilities mean that these organizations are much more likely to be attacked by a random attack-of-opportunity than a coordinated terrorist activity.
And that includes the US Government. It might go especially for the US Government where "security" is usually dealt with a Cold War mentality. One that has little to do with the current state of information security. Instead, government agencies tend to rely heavily on prosecution (which kicks in well after the damage has been done). Change to this mindset is hampered by limited budgets which make hiring experts (or retaining anyone with the appropriate skillset) difficult. A couple years ago, the FBI even complained to congress that they could not attract experts in the field due to their uncompetative pay.
So to wrap it all up. Government computer systems tend to make suprisingly easy targets. This program is part of the awakening and catch-up the government is undergoing on this issue. It has very little to do with terrorism and 9/11. And even the very article referred to states that.
Just thought I'd point out that the NSA has been running similar programs for a while. I actually looked into them when I was in college, but then I realized I was looking at Big Brother and asking for a part in the book 1984... on the wrong side.
On a lighter note, after hearing that Intel is trying to claim the word 'inside' as its own, I decided to do a little investigating as to exactly what is inside. Take a look.
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
God slashdot is slow, shacknews had a story on this yesterday morning...
With security, a hole is a hole is a hole.
You can't take back security breaches after the fact.
The best (and unfixed) MS exploits are now played close.
If a bright graduate says 'be different, pick something less popular' who will heed this advice?
Like enron, you can add window dressing to foll the masses, and have well paid experts saying safe as houses, but even cartman knows the real substance of brown stuff.
My weathered hand rested effortlessly on the blue EZSECURE patrol cart's steering device as the blinding incandescence of a Chevrolet SUV's headlights temporarily rendered me unable to see. Inconsiderate out-of-towners who never respected the law, probably. After it had vacated the premises and the slight glimmer of light eminating from the moon was all that remained, I realized that it was 11:30, the official beginning of my shift at the local Walmart. It would last until the early morning hours when the sun would rise and Brady would arrive to relieve me of my sworn duty: protect the Walmart and its patrons with my life. I would then return to my residence here in the relatively small town of Jasper, Texas to prepare for another patrol.
Fortunately, as of an hour later, my patrol might not longer evoke the ennui that it had for the past fifteen years. After fifty years of service, The EZSECURE Corporation was entrusting me with the prodigious task of training an aspiring security guard on site as my seventieth birthday present! I could hardly wait to meet my proteg. This was unquestionably the most exciting thing I had experienced since the Country Music Fair was held here in 1978. Ah, the memories... I digress.
I applied the brake gently and disabled the golf cart's electric motor. "Use that there break real gently now," my supervisor had told me years ago, when the golf carts were new. "If you don't, it'll get old quicker and cost EZSECURE more funds." At the time, I assured him that his advice was nothing more than an old wife's tale, but he threatened me in his most intimidating (and greatly accentuated) voice with demotion. I complied only because I had no intention of becoming a security camera operator again. The Walmart's warm air welcomed my frail, wrinkled body as I walked briskly through the automatic door, my black and gray hair blowing uncontrollably due to the amount of air travelling through the door. It smelled of plastic and hand cream, but even the smell of dead fish would be more pleasant than the utterly glacial conditions outside. "Morning Kevin," I said to the Home and Gardens cashier, who rarely, if ever, replied vocally to my greetings. I suspected that he must have been a hippie, because the twentysomething blond would reply with some sort of peace symbol using his middle finger, but this morning he was uncharacteristically fatigued. Perhaps he'd fallen victim to drugs, like so many other children today with deadbeat parents. Apparently he'd arrived only moments prior, for he hadn't even powered up his electronic cash register.
After exiting the pseudo-warehouse where Kevin was assigned, I continued walking until I reached the twenty-four hour McDonalds nestled safely inside of the Walmart. As always, I purchased an eight ounce cup of freshly brewed coffee. Not only would the caffeine assist me in remaining alert during the morning hours, but I believed the coffee's inherent warmth would assist me in carrying out my nightly tasks and, if necessary, defend Walmart from aggressors.
"Peter? Peter Geralds?" an unconfident voice queried from behind me. I drew a can of mace and turned expediously, nearly emptying the hot drink on my uniform in the process. The boy jumped back, realizing that I wasn't fond of surprises. EZSECURE had trained me to react with the mace in a millisecond.
"Yes sir, that's me," I replied politely as I placed the can of mace back into my pocket. This boy wasn't a threat. After all, would a malevolent criminal be wearing an EZSECURE uniform? Certainly not. "I'm sorry about that. What can I do for you?"
"I'm Robert. Manager Bob ordered me to report to you for training." The cadet wasn't exactly what I'd anticipated. He was lanky, probably around 6'2" in stature, with blonde hair that appeared quite dark under the dimmed flourescent lights overhead.
I stepped closer to him and held out my hand. "Nice to meet you," I told him with utmost confidence.
Shaking my hand, he hesitated to reply until we'd finished. "Likewise, Peter." I picked up my coffee again and we began walking back to the Home and Gardens area of Walmart. While we were in transit, he explained that he'd been born in Japan and that his parents had immigrated to the United States shortly thereafter. "If you're Japanese, why did your parents name you Robert?" I asked him inquisitively. It certainly intrigued me that he'd not been assigned a Japanese name, for many of them were quite interesting to a layman such as myself. Whereas I'd be more inclined to name my child "Bobby-Sue," people who weren't native Jasper residents often chose poetic, interesting names for their offspring.
"They were very worried that I wouldn't fit in with other children," he informed me. Logical, I thought. Robert spoke both English and Japanese fluently; perhaps he would be an invaluable negotiator if we were ever held hostage by Japanese terrorists.
The golf cart was barely twenty feet away. "Let's start your training," I suggested as I took another drink of my coffee. "Welcome to the security business."
Comment without sacrificing karma.
Here in the link, for example, to the CIA College Intern Page.
so basically, sounds like non news item.
Maybe these are the guys who bugged a student press office at Quaker Campus a while back? Although i mention this with a something of a tongue in cheek spirit, to be serious, that incident does seem to be more of a local job using radio shack parts.
"It is a greater offense to steal men's labor, than their clothes"
/start tangent
Yes, I do believe some terrorists use this so called "interweb" to communicate. I do not believe we are going to be having cyber terrorists hacking into the pentagon. If they hack into it via the web, well, shame on them for even putting any sort of outside access.
If a cyber terrorist hacks into our missile control system and has it launch missiles at ourselves, we deserve it, because if there is anyway for a terrorist to log onto the missile launch programs from their terrorist hide out we should be bombed for our stupidity.
/end tangent
-- Goto Blasto.Net for GOOD, FREE E-Mail, with many names to choose! Really! GO!
Like this hole and this hole?
The owls are not what they seem
It's:
Four years without a remote hole in the default install!
Which is rather awesome for anyone just trying to mess around with BSD or get into the UNIX-variant world. You can just shove in a boot disk, set up your system, install with the default config, and you have an up and secure system. Just add some ip forwarding and whatnot and you already have a personal gateway/firewall for your household.
SG-1 sat around the camp fire one night. It had been a very boring mission for most of the team; they were there so Daniel could study some ruins that they had found. The ruins reminded him of Atlantis. How his old professor would have loved these. His professor had been nicknamed Atlantis Atticus. Daniel found himself distracted by many thoughts of his college years.
Now by the fire Jack started playing a game. "The rules are simple: either tell the truth or take the dare."
"Why would one not wish to speak the truth?" Teal'c asked somberly.
"You'll see." Jack turned to Sam. "So Sam, Truth or Dare? How old were you when you lost your virginity?"
"I'd take the dare but I'm sure it would be worse." Sam said with out doubt.
"Not too bad to start. Maybe show us your tits or your ass." Jack was leering at her.
"Truth, I was sixteen. Why do I have a feeling you are going to take every dare, Jack?" She continued. "My turn to ask a question?"
"And the point to this game?" Teal'c asked with confusion.
"To embarrass your friends." Daniel spoke quietly.
"Daniel, How about you? How old were you when you lost it?" Sam asked.
"That's easy, it was a few years ago with Shar're." Jack replied for him as he started to laugh.
"I was seventeen, Jack." Daniel sounded very serious.
"I'm sorry, Daniel." Jack was now serious too. "That was stupid."
"It's okay, Jack. I'm going to bed." Daniel stood up and headed for his tent.
"Danny, I'm sorry!" Jack got up and chased after him. "I didn't mean to hurt you."
"You didn't. I'm fine, just tired." Daniel smiled at Jack. "Goodnight everyone."
Daniel crawled into his tent. He could hear his friends talking. Jack was definitely worried about Daniel. He'd never meant to hurt him. Daniel thought about going back out but his mind was racing. Sam's question sounded so innocent. But it brought back a flood of memories. The ruins didn't help either because it was in college that he had met his first love.
Seventeen was an awkward age for Daniel. He was smarter than most kids his age and was taking many advanced courses at the University Of London. He really didn't seem to fit in with anyone. Until he met an older graduate
student. This guy already had a degree in physics and chemistry. He has also been to Vietnam. Daniel looked up to MacGyver.
MacGyver was wild, unlike anyone Daniel had ever met. He was a tall, good looking man. It seemed like there was always a group of girls following him around. He was one of the few people that had a flat off campus. Daniel was surprised when MacGyver asked him over one afternoon.
MacGyver had always seemed to like Daniel. They'd shared many classes. Mac had always took time to talk to him. Daniel wasn't really sure what to
expect. He knew the guy didn't drink or do drugs. He knew that Mac was very intellectual. Maybe he wanted to discuss their assignments.
When the two arrived at MacGyver's flat, Daniel was surprised that there was no one else there. He expected the group of girls that followed Mac around campus to have followed him home. A slim thought had run through Daniel's
mind. Maybe one of those girls would notice him.
"Daniel, can I get you something to drink?"Daniel nodded as Mac continued.
"Do you miss the states?"
"Oh yeah. I can't believe the cultural differences. It really is interesting
how two societies with the same origin could have developed so vastly differently." Daniel pushed his glasses up. 'Shut up you sound like nerd.' He
said to himself.
"I never thought about it that way. It really is amazing that there are so
many different cultures are out there. And I plan on seeing them all." Mac
smiled at him as he passed him a glass of juice. They both took a seat on the
sofa.
"Have you seen many?" Daniel asked not sure of what else to say.
"I backpacked all over Europe. It was great. We had a lot of fun." MacGyver
moved closer to Daniel. "Maybe we could get away this weekend. We could
backpack up the coast. What do you think?"
"Really? You want me to go with you?" Daniel was surprised and honored.
"There's a lot of things I want to do with you!" MacGyver said with a leer.
MacGyver gently leaned in and allowed his lips to brush Daniel's.
"I didn't miss-read you, did I?" MacGyver whispered. Daniel could feel Mac's
warm breathe on his face causing his skin to tingle.
"Um...no." Daniel was wide-eyed. 'What was there to miss-read. I haven't been
with anyone,' he thought to himself. MacGyver kissed him again. This time
taking Daniel's lip into his teeth. Daniel's head was spinning. He had never
been kissed by any one like this before. Maybe this is why he never felt like
he fit in. The next kiss sent Mac's tongue probing. Daniel wasn't sure how to
react. He just knew he wanted more.
Mac reached for Daniel's glasses. Daniel was startled back. He must have
looked worried.
"Do you want to take your glasses off?" Mac was reassuring. "You seem
nervous. Is this your first time?" Mac flashed him a sweet smile.
"Well...Um...I...."
MacGyver kissed the stuttering young man. "It's okay. I like virgins." Mac
kissed him again more passionately than before. Mac let his hand explore
under Daniel's T-shirt. Mac's long talented fingers quickly found Daniel's
soft nipple, changing it's appearance. Before Daniel could do the same his
shirt was peeled away.
As soon as there was bare skin, Mac began to nibble at Daniel's chest. His
tongue was quite talented as it tickled each nipple. Daniel's whole body
quivered under Mac's touch. He never noticed that Mac was unbuttoning
his own shirt as he worked his way back up to Daniel's lips. When Mac's hot
flesh touched Daniel's, it was electric and smooth. He laid Daniel back on
the sofa. And came to rest on top of him. Mac never broke their kiss.
The two men laid there kissing. Mac's passion and groin burned and he rocked
his hips gently. Daniel could feel Mac's engorged member against his own and
let his hands explore Mac's hot skin. Mac rolled to his side and directed
Daniel's hand to the front of his jeans. Experienced fingers quickly opened
Daniel's pants. Mac messaged him as Daniel had done only in the darkness of
his own room.
Daniel tried to concentrate on pleasing MacGyver. He fumbled with the button
on Mac's jeans a few times until Mac helped him. Daniel wrapped his fingers
around Mac's raging cock and as he stroked, he couldn't help but notice the
size difference. Mac was only a little wider but definitely longer. Daniel
was trying to mimic his new lover. The more Daniel stroked, the more he was
rewarded.
Daniel's kisses were more passionate. He sent his tongue probing as MacGyver
had done. Mac anxiously sucked the gem in his mouth, then sent his own tongue
into Daniel's hot mouth. Daniel knew exactly what Mac wanted. This drove Mac
wild. He needed something else sucked.
He quickly moved into a position to shed his pants. As Daniel started to
strip too, he noticed Mac wasn't wearing any underwear. "Don't you wear
underwear?"
"Nope! I like to feel free. It's very relaxing. Especially in bed." Mac took
Daniel's hand and lead him to the bedroom. "Have you ever slept in the nude?"
"Um...nude...Well...I have a roommate."
"You can sleep here tonight. I'll even let you sleep naked." Mac smiled
hopefully. MacGyver pulled the naked man into a kiss. They stood there
kissing, allowing there bodies to mingle. Mac backed Daniel onto the bed. He
was careful not to land hard on top of Daniel. After a few more kisses,
MacGyver began to make his way down Daniel's chest. Once again he stopped and
teased Daniel's nipples. Daniel began to tease Mac's, too, but MacGyver had
other plans for that hand and pushed it down to his waiting cock.
Mac could see Daniel's need. Taking Daniel's cock into his mouth he could
taste his precum. Mac shifted his position to straddle Daniel's face and
slipped his cock into Daniel's hot wet mouth. Daniel was unsure exactly what
to do, but once again he followed Mac's lead. Mac was sucking wildly at
Daniel's throbbing member. He had found a good rhythm, rocking his hips and
driving his full length into Daniel's aggressive lips. A quick study, Daniel
soon matched the pace. Mac wet a finger and let it slide between the two
cheeks and Daniel did the same. Daniel's ass was very tight so Mac only
messaged the outer ring.
Mac was going crazy. Daniel wasn't penetrating. Mac knew he wouldn't unless
it was demonstrated to him. He really didn't want to hurt Daniel, but his
lust won out. Mac once again wet his finger. He slipped it in just long
enough for Daniel to do the same.
"Don't stop." A very breathless MacGyver rang out with relief in his voice.
"Please, keep doing it."
Daniel did as Mac asked. Mac started to caress Daniel's sensitive balls with
his other hand. This time Daniel could not reciprocate. Mac's grasp on his
testicles was more than he could stand. Daniel released MacGyver's hotcock
from his lips in a vain attempt at catching his breathe. It wasn't long
before Daniel came. This set off a chain reaction in Mac. The feel of
Daniel's hot juices flowing down his throat was more than his body could
stand. Mac shot his load all over Daniel's chest.
Mac rolled over on to his back. He was breathing very heavily but was still
trying to speak. "Do you want to get a bite to eat?"
"I think I need a shower first." He whispered through labored breathing. Mac
turned around to face Daniel.
They kissed softly, both to tired for anything more. "Can we do this again?"
"This and a whole lot more." Mac said with a nasty smile. "But not without
showers and some grub. You want to take a shower with me? It's a lot of fun!"
Daniel rolled on top of Mac kissing him wildly. "Does that answer your
question?"
"Oh yeah! I can tell this is the start of something great!"
Daniel awoke from his thoughts to hear laughter. As he emerged from his tent
he could see Jack standing in front of Teal'c. Junior was out and Jack was
about to pat it.
"Watch out, it bites!" Daniel said with a chuckle. Jack withdrew his hand.
"Welcome back." Jack said with a smile. "Would you believe they dared me to
touch Junior?"
Jack reached out his hand and gave Junior a quick pat on the head.
"My turn to ask a question." Daniel stated. "Jack, truth or dare. Ever kiss
another man?"
"I'll take the dare if it means kissing you." Jack was grinning in
anticapation. Jack stepped up to Daniel. Taking him in his arms, Jack leaned
Daniel over, gave Daniel a long passionate kiss, then stood him back up. "I
guess that's a yes. Now my turn, Daniel. And I think it involes you, me and a
tent."
Daniel just smiled with the thought of getting Jack into his tent.
The owls are not what they seem
In other news, Jraxis confesses! He was Wipo all along!!!!1
"Machine code? Huh? Direct memory access? Programs can't do any of that!"
Java is the blue pill
Choose the red pill
When I was in college, I found that the overall grade for a course was usually about 50% exams and 50% coursework. The coursework usually invovled applying some basic elements of the class that were usually identifiable from the syllabus or the first day's class outline lecture.
The exams were usually well over 80% based on the course lectures, which tended to be an overview of the reading. The better professors threw in some easy nuggets that were never discussed in class, only in the readings. The weaker ones lectured basically the books plus some fill-in material, but the fill in was just glue to give the course some coherency.
I found that I could ace most classes if I wrote an A paper and scored an A on the exam. The work it took to do this involved light reading of research material and great class notes. The actual assigned reading I generally just skimmed to make sure there was no great deviation from the lectures. I seldom if ever actually "read" it, except for literature assignments. Just going to class, writing notes and doing the paper was all it took.
I discussed this with a friend who is a history professor and he said that undergrad land its pretty difficult to have significant test material on assigned readings without 2/3s of the class getting Ds or Fs -- even if he announces on day 1 that 50% of the exams will be taken exclusively from readings not lectured in class. He thinks its legit to do this, but hes gotten flak from department people who say its beyond the scope of the average undergrad to assimilate meaning from academic readings.
I would assume at serious classes at high-end academic places like Harvard would have lectures that didn't cover the readings AND readings not included in the lectures, making it impossible (without notes from somebody who WAS there) to get more than C if you skipped lectures.
At other schools (mine was a big 10 university), skipping lectures was suicide but skipping the reading was not.
We should not ask whether UNIX is or is not more or less secure than Windows NT, we should ask whether a specific derivate of UNIX can be made more secure than Windows NT can be made.
...be locked down into sendmail's compartment ...probably lose all of sendmails privileges when exec()'ing another binary, because the other binary does not have these privileges in its proxy privilege set ...not be able to access configuration files, because they are probably protected by an integrity label ...not be able to read secret information, because MAC's sensivity label would not allow it ...not be able to gain any further privileges, even if he/she could exploit highly privileges binaries, because these privileges are not in the session's limiting privilege set
You are all mainly talking about application level security.
How many exploits are there on Windows NT - for IIS, for LANServer, for other NT services, for hacking the registry?
How many exploits are there for Linux - for Sendmail, for BIND, for telnet and even for SSH?
You mentioned OpenBSD, so let's take some look at OpenBSD. Its DEFAULT install is secure.
What about adding third-party software? What happens, when you've got Sendmail installed, and someone manages to hack uid 0 by exploiting some vulnerability in the Sendmail daemon?
All of these exploits are application level vulnerabilities.
The real problem with operating systems is, that they highly depend on application level security. Even OpenBSD is NOT really a secure Operating System - it's just a really secure software distribution.
OSes themselves may not be vulnerable - but their highly privileged application make them vulnerable.
However, for some derivates of Unix and specific setups of Unices, this is no longer true, while for Windows NT/2000/XP it is still true - and that is, why some Unices actually are more secure than NT, because their OS Kernels offer really strong security below the application level (user space).
Did you ever take a look at Trusted Solaris, at AIX/CMW, or at Argus' Pitbull for Solaris or AIX?
Sure, if some application is vulnerable to being exploited, it will still be vulnerable when running on one of these OSes - but it doesn't matter that much, because these Operating Systems are locked up from inside the OS kernel.
On 'normal' Unices, you simply attack some process, which has root privileges, and all system security is gone because of root's omnipotent superuser privileges.
On the OSes mentioned above, you do not run any process with root-like privileges, because you simply don't need to - instead, you've got a large set of privileges to allow some very specific privileged operations (like using a restricted port or changing the root directory), so what do you want to attack in order to get access to the Operating system itself?
On an Argus-enhanced Solaris box, for example, Sendmail would be running in its own compartment and with the PV_ASN_PORT privilege in it's effective privilege set.
If someone would successfully attack Sendmail, he/she would...
a)
b)
c)
d)
e)
Provided that these Trusted Operating Systems are correctly configured, the only way to hack into one of them is to attack the OS kernel itself.
So, how many exploits can you find for the Pitbull-enhanced AIX kernel?
More information:
Trusted Solaris
Argus Systems
kind regards from Austria,
octogen
The CERIAS program at Purdue University is one of the recipients of this NSF grant. Other recipients include: CMU, and the Naval Post Graduate School. But this isn't necessarily a slam dunk, you still have to be admitted to the program at the school you apply to.
A free education is nothing to sneeze at. Talk to a current grad student who is either teaching a class or picking up his prof's dry cleaning to pay the bills and they will tell you how they wish they could find a funding source like this.
The institutions that received this grant do cutting-edge research in security that will influence the field for years to come. Heck, I'd do it just to go and study w/Spaf.
it's not going to stop until you wise up, no it's not going to stop. so just give up.
This kind of thing would probably work better from a third person omniscient perspective. That way you don't have to confuse the reader about what's going on by thinking in the vernacular, and you can more effectively satirize Walmart security. For example, have them do something stupid, but don't explain what the thinking was behind what they did.
Other than that, this looks like it could be a pretty interesting serial. Keep writing!
Is your company running tools written by ma
Considering the fact that the DOD is a monster beauracracy with more security holes that swiss cheese, the task of pinning down info sec is monumental. The manpower required to really get the job would be 10 fold the proposed graduating class. As a former member of Air Force communications squadron, I cringe when thinking about the lack of sophistication involved in managing their networks. NT is embraced as the desktop OS of choice but so is it amongst a majority of large corporations. The difference is the backend, also NT based couple with Novell, or so it was 5 years ago. Network outages were common place, I remember one time email and internet access being down the entire day! I wasn't behind the scenes to give actual specifics, but I was close enough to say it was a two bit operation. Take into account that this sort of operation is found in every squadron (20 or so) on each base and we at the communication squadron were supposed to be the experts. Now take this scenario and apply it to the rest of the bases throughout the world and don't forget to factor in the Army, Navy, Marines, and you end up with a nightmare of a situation.
You can't realistically expect the government to be able to attract top of the line talent in IT security with their traditional job structure.
You know: come in from 9 to 5, have a GS rating with plodding single digit percentage raises each year, put up with a few petty bureaucrats, slug it out for several decades and finally retire well off.
The people they're after are young and don't care about retirement plans, but do care they get paid what they're worth on the open market and don't want supervisors having a cow if they come in 8:05 am.
I think any plan, like this one, that helps to get those talented people into government service is just what the government desperately needs.
It reminds me of people going to medical school on military scholarships and serving a while after their schooling is finished.
"Provided by the management for your protection."
The program only accepts U.S. born applicants; more information on the Iowa State fellowships is available as is information on the program as a whole. Most of the core training at Iowa State is in Computer Engineering classes: CprE530(protocols), CprE531(security), CprE532(warfare/hacking), CprE533(crypto) and CprE534(ethics). If you take a look at the ISU fellowship specs, I think you'll agree that this is a decent way of paying for school and serving your country at the same time. I agree with the previous post that this is basically ROTC for geeks. ;-)
We had the security emphasis full paid scholarship last spring BEFORE 9/11 happened. It's been available for about a year now, however after 9/11 happened the emphasis to get people interested in it increased. It's a brand new program nationwide and at Mississippi State, so I know that it's not entirely the 9/11 'experience' that started the program, since we began school in August and they announced the program in the spring... However 9/11 has definitely fueled the program, funneled more money into it, and increased interest. They give you a ton of money to be in the program, thousands of dollars, however you are required to do so much internship time with the gov't and then you have to go into a gov't security position WHEREVER THEY WANT TO PUT YOU when you graduate. I considered it at first, but I'm not sure it would have been the best route for me personally to take.
At least the gov't is trying to get some better sysadmins into there workforce. Not to insult any gov't sysadmins out there, but it's obvious that they want more people checking each others work so that there are fewer holes, hopefully/theoretically.
[Something witty and intelligent should have appeared here.]
{Traicovn}
I'm a grad student in CprE/Security at Iowa State, one of the schools administering this program; I was too far along in my studies to apply. Some notes:
1. This started before 9/11. This is not in response to terrorist threats, but rather a real nderstanding that critical infrastructure is at risk.
2. There are both 2-year fellowships for grad students and scholarships for undergraduates. They cover full tuition, room, board, books and fees, plus a stipend.
3. It works a lot like a ROTC scholarship: we give you two years of support, you owe us two years of work after you graduate. Which in security isn't a bad tradeoff; guaranteed job plus very resume-boosting experience. Yeah, you can make more money elsewhere, but it's a good job.
If you want more information about actually applying, you can look at the program webpage here, or the ISU Information Assurance Program site here.
"This message is composed of 100% recycled electrons."
"This is in response to the general state of paranoia that has ensued since 9/11, with 'cybersecurity' as a high priority."
Yeah, there seems to be no end to the proposals the government has come up with since 9/11. The only problem is, none of them would have stopped the 9/11 terrorists. It's a bit like shutting the barn door after your car has been stolen from the garage.
Don't discount the athletic ability of the CyberCorps!
At the University of Tulsa, we made it to the finals for Intramural Flag Football. However, I don't believe TU's real football team could handle writing an Intrusion Detection System for a Signalling System Seven telecom network. Check us out!
Yes I know this is likely a research facility.
Is this something like the search for Intelligent life in the Universe?
"It is a greater offense to steal men's labor, than their clothes"
This is so horribly inaccurate. Bill Clinton was trying to gather support for Government funded training schools for IT security that mandated Government service afterwards while he was still in office. I never could find substantiate information on it and I assumed it simply got lost at some point.
I don't really see a big correlation to that tragic event and this program, at all. What, is learning how to properly firewall a system going to suddenly make INS and customs capable of keeping known terrorists out of our country? I don't think so. Not *everything* that happens in this country is related to that, you know.
http://about.me/paultenny
Look at the pic in the CNN article -- they look like my grandma and grandpa! Not exactly our typical college students, huh? =P
There's 10 types of people in this world, those who understand binary and those who don't.
Aren't all the REALLY critical systems (defense, air traffic, etc) already air-gapped from public networks like the Internet?
There's 10 types of people in this world, those who understand binary and those who don't.
It is, however worth noting that according to the scholarship program website, the proposal deadline for this scholarship was December 19, 2001. Way to fuck with me on 01Apr, Slashfags.