Slashdot Mirror
U.S. Gov't Planning To "Help Us" Secure Computers
BahdKo writes: "CNN reported today in this article that the U.S. government is working out a plan to help protect Cyberspace from attacks by "hackers and terrorists." This plan will include the distribution of government-provided software to help clean up insecure Windows installations. It's hard to picture myself executing government provided software on my workstation (we were supposed to be *increasing* the security of the PC's, right?)"
It's almost like the US gov't has a list of things techies hate, and they're going down the list and doing each thing, just to piss us all off.
Maybe they could put the Internet in the same lock box they put Social Security in? Doesn't get any safer than that!
Linux IT Consulting and Domino Development in Michigan
Isn't it ironic that a few days ago /. posted an article about how 1984 DIDN'T happen. Now the U.S. Govt is trying to make it happen? ;)
From the makers of Carnivore, comes a new an exiting new product! ...
Good. So you're not worried about that line 3029 that says:
if (slashdotId == "Wolfier")
{
openBackdoor();
sendHisDodgyWebAccessesURLsToUncleSam();
triggerIRSAudit();
}
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"I'd want to read every single line of any code given to me to run by the gov't
/. :)
Actually I'd be content to just let you read it and wait for anything suspicious to pop up on
I stole this Sig
Hmm... So along with protecting us from aliens, maybe the "Men in Black" will also run Windows Update for us too? ("Was that a security update?", "Nope, just a weather baloon." *flash*)
Suppose that most computers are insecure. The (MS)OS gives up the HD to anyone who asks,users won't apply patches, the admin is an idiot, whatever.
The Feds are already wherever they want to be and I think that they would rather be the only ones there. I still want to keep out the rest of the world and the Feds want to help. How could this be any worse than what we have.
The really paranoid (or sensible) people will use strong encryption which is more to the point.
All your database are belong to U.S.
All your database are belong to U.S.
They're releasing this software to check how well their backdoors inside America's Army worked. Duh!
Is triggerIRSAudit available as a Perl module?
/.
I was working at an aerospace center that Shall Not Be Named, doing various things related to testing missiles and preparing for a rain of thermonuclear death on the dirty commies (now superseded by dirty sand-nxggxrs).
This suit from Lockheed comes in, and says "Let me see the checksum on your disks". To which I cogently replied "whurahuh?"
The suit self-importantly explained that when the Navy did tests, they first performed a "checksum" on the data storage devices attached to their data acquisition systems. By comparing the checksum to a number he had cleverly kept in his wallet on a soiled scrap of index card, he could tell that the insidious Reds had not tampered with the system in order to mislead God's Own Nation.
A light went on, and I said "Oh! You'd like a cyclic redundancy check code to be used on all the system and testing code, to ensure that change procedures are adequately followed! We can do that, I'll do some research on the algorithms and whip something right up for you."
"No!" the suit cried, "I want to CHECKSUM the DISKS, not the PROGRAMS! I must have a checksum of everything, to ensure the safety and security of America! And don't try to hoodwink me with your technical mumbo-jumbo, I'm an ENGINEER!"
I (patiently and tactfully, I thought) explained that this was impossible - I was quite familiar with the systems the Navy was using, and there were highly volatile swap areas on the hard drives that changed constantly. I even (unwisely) attempted to explain that checksums were nearly useless, and that what most people meant when they said "checksum" was ECC or CRCC, a more useful technique.
The suit stormed off to report my recalcitrant incompetence to my boss. My boss called, and asked me what the hub-bub was about. I replied, to the best of my remembrance, "That idiot wants to make sure the test environment doesn't undergo unaudited code changes or random bit-rot. I can provide the level of security he wants, we just buy a nice Mosler safe, sink it into the concrete bunker wall, and give him the keys and combo. We label a full set of disks 'lockheed' and let him keep them in the safe when we aren't doing Lockheed tests."
The boss said, "That isn't what he wants. He wants security just like the Navy does it. Give him his checksum."
I got annoyed, and pointed out that anyone with physical access to the systems could readily substitute a program that simply printed out the same number every time.
The boss said, "Now you're getting it. What do you think the Navy does?"
"Every American relies upon cyberspace and every American has to do something to secure their part of cyberspace," Clarke said of the plan, which will be released September 19 in Silicon Valley. . . Clarke spoke to reporters as well as government and corporate officials to announce government-wide standards for securing Microsoft's Windows 2000, the most commonly used operating system for government and corporate computers.
I'm doing my part. I'm using a Macintosh.
Laws affecting technology will always be bad until enough techies become lawyers.
I would rather sand-paper a bobcat's ass in a telephone booth than install "government approved" software on my systems.
No thanks, I secure my own systems.