Schmidt Predicts Digital Sky Is Falling

Danse writes "Former Microsoft security chief Howard Schmidt now works for the government as the vice chairman of the Critical Infrastructure Protection Board. According to this article on Security Focus, he has been touring the country, proclaiming the dangers of "zero-day viruses" and "affinity worms" that will create the kind of havoc that nothing else short of a nuclear exchange could cause. "Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet, declares Schmidt. The power grid could fail catastrophically by 2005!" How do you argue with this kind of rhetoric, especially when it's being spread directly by government officials to corporate leaders?"

But AUTOMAN taught me otherwise . . .

[SimplyCosmic]

Don't you remember that old television series Automan?

Between shows like that, in which a computer program given life could control any electrical device, and all the poorly done "hax0r" characters on film and television, why would you expect people NOT to believe things like this?

Re:But..

[Maeryk]

Why would these things be controlled via the internet? We already segregate certain high security systems from the internet to avoid even the chance of them being "hacked". I don't think a pacemaker would -EVER- be hooked up to the internet -- not only is there no point, but it's just extra risk for something to go wrong.

Because idiot sheeples want bigger faster better. They want their refrigerator to be able to print out a list of groceries it needs on their computer. They want to be able to put a recipe into their laptop, and using wireless, have it pre-program the stove and microwave, and have the refrigerator and pantry tell them what they need to buy to make it happen. Because clever marketing has convinced people that "can you hear me now? good" means you SHOULD be hauling a freakin digital phone with a billion free any time minutes a month around the grand canyon or your favorite cavern and annoying me.

Because people will BUY it if they think it is glitzy and new and makes them all hep and stuff. Maybe not many people, but people *will* buy. Look at cars! They now have more freakin features than anyone ever needed, but boy do they want them!

Figure out what people would have said about PDA's and cell phones thirty years ago had someone suggested they would exist. "Thats ridiculous..why would anyone EVER want that? I have my phone in the house, and I have my day-timer! Why carry around something that needs batteries?"

Granted.. Im as guilty as the next guy.. I gave my son a laptop to learn on when he turned six.. because I wanted him to have the edge as he grows up and be experienced and not afraid of computers.. but I think I may have done him a grave disservice, introducing electronics-as-necessity to him that young in life. (How many 9 year olds do you know who, on the phone with their friends, say "Hang on.. I'll shut down the laptop and be right over?"

Things will get hooked to the internet and to each other that never should be.. in the name of "convenience" and "cause its neat".

Maeryk

How do you fight the rhetoric?

[nadador]

The truth helps. Just keep speaking the truth, and tell your friends, people on the bus, folks at work.

There are a couple of important points to consider.

* Systems related to national security shouldn't be on the internet in the first place. Sure, that's what its was designed for, to be a comm network that would survive a nuclear strike and still route packets. Of course, plenty of government networks are already physically disconnected. Not firewalled, just not connected. So no Slashdot reading on your power grid terminal. Until we actually start building secure software, cause we don't now, some systems absolutely have to stay disconnected, or connected only through separate, encrypted, physically secure networks.

* Instead of feeping creaturism, maybe its time to actually start worrying about security, ala OpenBSD. Could it be that people would put up with substandard office software and not-so-intuitive file browsers if we guarenteed them that the financial data on their computers would be safe? Would you pay extra for your internet-connected pacemaker (which will probably send data to your doctor) if you knew that somebody couldn't hack it and turn it off? Would your Mom put up with having to learn a confusing operating system if it meant that her Quicken data wouldn't get stolen? I bet mine would.

* And maybe, just maybe, we, as software engineers should stop living up to the low expectations of the marketdroids and the PHBs (oooh look, shiny GUI) and start demanding more of ourselves. The reason that propoganda like this punk is spewing travels so fast is that the computer-using public has been conditioned to expect so little (Oh, another reboot? No big deal. Server's down? Eh, kick it, I'll go get a cup of coffee.)

So, I'd tell people to stop whining, stop freaking out, and stop bowing to the government-media complex's instinct to make everything a damn crisis. Instead of worrying, do something. If you're a software dude, start thinking about robustness and security instead of pretty. If you're a (l)user, start learning how to secure your stuff, and start demanding that they companies you buy from do the same.