Slashdot Mirror
Howard Schmidt Resigns As Cybersecurity Advisor
scubacuda writes "CNN and others report that former Microsoft chief of security Howard Schmidt has resigned as White House cybersecurity adviser. 'With the historic creation of the Department of Homeland Security, the transfer of many of the responsibilities from the Critical Infrastructure Protection Board and the release of the strategy, I have decided to retire after approximately 31 years of public service and return to the private sector,' Schmidt said in his April 21 e-mail."
I mean, I know we saw plenty of "What's good for Microsoft is good for America" rhetoric during the anti-trust trial, but that would be a bit over the top.
I might be way off here, but didn't he just recently ACCEPT this position and he's already resigning?
That's just Schmidty.
...a Beowulf cluster of these resignations!
2 whole months!
I wonder what really made him quit?
"Howard has over 31 years public service having served with the US Air Force in various roles from 1967-1983 both active duty and in the civil service. He has served in the military reserves since 1989 and currently serves as a Credentialed Special Agent, US Army Reserves, Criminal Investigation Division (CID). He has testified as an expert witness in federal and military courts in the areas of computer crime, computer forensics and Internet activity."
Good Job. We all know how secure Microsft products are.
/troll
/sarcasm
I nominate Hillary Rosen to be the next Cybersecurity advisor
"I have decided to retire after approximately 31 years of public service "
HUh?? Okay he just came from Microsoft...where does the 31 years of Public service come from? I assume before he was at M$...He realy served the public by going to work for M$.
Or does serving at Microsoft means Public service? Ahh..public open and hackable servers...i guess that would be public service, or at least offering services(and data) for free to the public.
Besides that though, M$ has not been open for 31 years.
I can just imagine the look on their faces...
"Wait a minute...this guy was the Chief of Security for who?!?"
the security advisor resigns via e-mail? doesn't anyone find this a little bit ironic? :)
I smell a sequel ...
About Schmidt 2: Cyber Patrol
WASHINGTON (AP) -- White House cybersecurity adviser Howard Schmidt announced his resignation Monday, the second person to leave the post in three months.
Schmidt was the former chief of security at Microsoft Corp. before taking the post in February. He succeeded Richard Clarke, who had spent 11 years in the White House across three administrations, and was the president's counterterror coordinator at the time of the September 11, 2001, attacks.
The White House confirmed Monday that Schmidt would leave at the end of the month to pursue private sector opportunities.
In an e-mail sent to staff and industry officials, Schmidt noted that many of his responsibilities had been transferred to the new Homeland Security Department.
"While significant progress has been made, there still is much to do," Schmidt said in the e-mail. "The nation as a whole is much better at responding to cyberattacks then at any time in the past, but cybersecurity cannot now be reduced to a 'second tier' issue. It is not sufficient to just respond to attacks, but rather proactive measures must also be implemented to reduce vulnerabilities and prevent future attacks."
When Clarke announced his resignation, he also warned of future attacks on the Internet. "As long as we have vulnerabilities in cyberspace, and as long as America has enemies, we are at risk of the two coming together to severely damage our great country," he wrote.
The trade group representing high-technology companies such as Microsoft and Intel said President Bush still needed a high-profile adviser at the White House.
"We are concerned that the cybersecurity issue is losing visibility inside the White House," said Harris Miller, president of the Information Technology Association of America. "In this case, the 'bully pulpit' opportunity to influence the development of a truly secure cyber infrastructure and associated best practices will be lost."
Schmidt failed to return several phone calls seeking comment Monday.
This guy reportedly held every gun toting postion out there, short of bounty hunter for Santa Clara County. SWAT teams...CID...FBI, etc. MS appears to have been the least of it. I imagine he will spend his time cleaning his guns, now that he's retired.
WTF? He's only been there for like 2 months. Why was he fired? This is truly disapointing for the welfare of our government's computer systems. Who else could possibly be more qualified than the former Chief Security Officer for Microsoft Corporation?
Apparently his suggestion to replace Dr. Pepper with Code Red in all the vending machines was the final straw.
Freedom Is Universal
Linux-Universe
Having worked with Howard during his time with the Air Force, and having followed his career in the private sector and post-Air Force public service, this is really too bad.
For those who don't know (which I assume is most of you), Howard was a pioneer in the area of computer evidence analysis, first as a 'local' police officer, and then as a federal Special Agent. It's important to note that his time at Microsoft had nothing to do with their products (this in response to all those "we all know how secure Microsoft products are" trolls out there).
He and his wife are avid computer users, and Howard was one of the few people I've ever encountered at his level in Government service that could talk to you about technology and computers with any degree of real understanding. He built his own machines (at least when I was working with him) and was taught classes on low-level file system internals and disk layouts.
He became involved with computer crime at a time when only hard-core hackers (not crackers) were really playing around with computers, and paved the way for many others who are themselves pioneers in the information security community, both in the public and private sectors. The atmosphere created and fostered during his time at the Air Force allowed many people to grow and learn, and many of them are not only members of the InfoSec community, but the open-source community as well.
I'd better quit before this turns into blatant fanboyism, if it hasn't already. My intent is not to deify him, I just want all of you who've only heard him give nicely formatted press conferences or canned interviews to know that there's more to him than that. I'm not sure if you could really find someone better to be involved with the goings-on at that level, but I'm absolutely certain that you can find many many worse.
---
In other news, Microsoft announced that they had just been awarded a number of new Homeland Secuirity contracts.
Lacking <sarcasm> tags,
doesn't anyone find this a little bit ironic?
/
I do not speak english very well, but I do not understand how this is ironic. :
Why is he ironic to resign by email?
I am sorry for not understanding.
That reads like he's been working in the public sector all that time. But, I'm sure he hasn't divided his attention when working in the public sector ... unless it really turns out that Microsoft has been around longer than we all thought and the rise of Microsoft, Gates, et al, has been part of a massive plot!
No... I wouldn't even consider that... well, probably not anyway.
A feeling of having made the same mistake before: Deja Foobar
well, there goes national security.
He didn't do the Austin Powers double quote thing with his fingers each time he said 'cyber'
Wow...I need a nap after that one. Just in case no one has told you, this is NOT 1871. There has been a lot of legislation passed since then (which I'm SURE you could comment on further), however, most people who read the articles on this site tend to know that America=Corporate America. Very few who read and/or subscribe to Slashdot will argue that the US government has not had its shortcomings but a rant like that actually reminds me that the first ammendment applies to you too....what a waste. Oh well, the price of freedom...er...slavery....I guess.
[SIG] Remember Mattel handheld games?
I really need some work.
For example, Microsoft was notified of the issues, concerning only Microsoft implementation of its JVM, on September 2nd 2002 and after SEVEN MONTHS on April 9th 2003, Microsoft have issued an update to fix the problem.
Such a delay with such a serious vulnerability is so abysmal that it borders on the absurd.
Quality and security are measures which only mean something when compared relatively to another.
There is no absolutely secure, therefore you must expect, that once a vulnerability is made known to the vendor, the vendor should do their utmost to close the Window of Exposure ( http://www.counterpane.com/window.html ) as soon as possible.
For example, with the lastest SAMBA vulnerability, once notified, the SAMBA developer owned up to the mistake and the SAMBA project released a patch within 48 hours. Within aother 24hrs, redhat had already backported the patch into their distributions RPMs. Similarly any major security issues in Mozilla and Netscape browser are also fixed and updateable within a couple of days
Meanwhile, there are currently 13 KNOWN unpatched vulnerabilities in Microsoft's Internet Explorer ( http://www.pivx.com/larholm/unpatched/ ).
Some DANGEROUSLY EXPLOITABLE have not been fixed in over a year ( http://security.greymagic.com/adv/gm002-ie/ ). That Microsoft has not rewritten the scripting system embedded with IE so that it is sandboxed by default is bad enough, but to have such major unpatched vulnerabilities exposed for months is abysmal.
Other inherent vulnerabilities, such as the Shatter attack ( http://security.tombom.co.uk/moreshatter.html ), Microsoft has known about since 1994!
Even if the API/call flaw is inherently unfixable, that is plenty of time for Microsoft to implement a safer methord/systemcall/API, adapt it's own applications to use the safer methord and depreciate the unsafe API.
It also appears that Microsoft 's own implementation of SMB is vulnerable and Microsoft has known about it for over eight years ( http://developers.slashdot.org/comments.pl?sid=599 60&cid=5681769 ), but Microsoft either choose not to, or cannot fix the problem themselves.
Microsoft is clearly not closing the vulnerabilities they are aware that exist in their products and services.
A year after after Bill Gate's Email promoting securtiy over functionality, Microsoft by choice, remains neither secure or trustworthy.
Microsoft's attitude towards the security of it's products, service and customers is abysmal.
From Jason Coombs' A response to Bruce Schneier on MS patch management and Sapphire ( http://www.securityfocus.com/archive/1/315158 )
Obviously Microsoft has been without a security chief for 31 years.
Isn't it odd that despite spending billions on DEFENCE for decades, none of that investment supplied _any_ defence that mattered on the day.
Should this new entity be renamed dept. of Real Defence or should the dept. of Defence be renamed Dept. of Offence? who deserves the name most?
he obviously knows which strings to pull to get killer contract assignments.. this being said it may be the case that he simply got an offer in the private sector that he couldn't refuse.
--
|-_-| . o O ( bEef!)
I wonder if there is any connection between his resignation and the decision by DARPA to pull funding from the openBSD project due to some remarks made by de Raadt?
...jump in any time...the music runs 24/7 here....don't let the green eyed monster scare you away.
As evidenced by the fact that this: "We are concerned that the cybersecurity issue is losing visibility inside the White House," said Harris Miller, president of the Information Technology Association of America. "In this case, the 'bully pulpit' opportunity to influence the development of a truly secure cyber infrastructure and associated best practices will be lost." is one of the main opinions expressed in this article. We've elevated commerce to such a position that the perspective of a trade group is of primary importance when reporting on government and security. I know this isn't new. Business has played a large role in politics and civics (if the two can be separated) for at least the last 2000 years, but it seems especially egregious when Miller laments the loss of the "bully pulpit" as if he just got outpid for a Super Bowl commercial slot.
'With the historic creation of the Department of Homeland Security, the transfer of many of the responsibilities from the Critical Infrastructure Protection Board and the release of the strategy, I have decided to retire after approximately 31 years of public service and return to the private sector,' Schmidt said in his April 21 e-mail."
"Looks like I can't do much more damage around here!"
May we never see th
That's a very good point.
/me wants PKI with whitelists to be universal...
Business email authentication is frequently piss-poor, and the names and information on top-level execs is publically available.
You probably wouldn't get someone fired, but you could cause absolute mayhem spoofing mail to lots of companies from various execs to other execs saying that an exec is resigning. Do so over Christmas, or some other time when people aren't immediately reachable for confirmation, and the impact could be quite nasty.
May we never see th
Look at the 7th Ammendment, dude. How and when do you think that Ammendment applies in today's world? They try to burry the Common Law (the law of the land) with mounds of statutory privileges. What you don't understand is HOW TO RECLAIM YOUR SOVEREIGNTY.
When did anyone need permission to get married to the person they love, or travel on public roads they are forced to pay for regardless of status?
Read the Senate reports, for they unlock all the mysterious legislation, and read the United States Code as exhibited by Cornell University. I don't operate in fiction, I am secure in my Persons, and I have unalienable rights that are not privileges that are subjugated or diminished by states foreign to my own.
Do you not understand? And whoever marked my post as troll, who are they to know truth from fiction without observing my references? The truth will set you free, it did for me. Which country do you live in, US or USA?
Without Prejudice, UCC 1-207
Anonymous Coward
Your freedoms aren't free to pick off a tree! They must be payed for, hence they are a privilege! The United States (whatever corporation you want to call it), needs money for you so you can live and say what the hell you want! The Revolutionaries sure as hell couldn't say whatever they wanted when the British were around, so they got rid of the British control! That costed blood and sweat which the average person of today isn't willing to give; they would rather pay for it. So bend over and help out Congress by letting the IRS pay a visit to your whorehouse of iniquity you call home.
Tax his cow, Tax his goat;
Tax his pants, Tax his coat;
Tax his crop, Tax his work;
Tax his ties, Tax his shirt;
Tax his chew, Tax his smoke
Teach him taxing is no joke.
Tax his tractor, Tax his mule;
Tell him, Taxing is the rule.
Tax his oil, Tax his gas
Tax his notes, Tax his cash
Tax him good and let him know,
That after taxes, he has no dough.
If he hollers, Tax him more;
Tax him till he's good and sore.
Tax his coffin, Tax his grave,
Tax his sod in which he's laid.
Put these words upon his tomb,
"Taxes drove him to his doom."
After he's gone, we won't relax.
We'll still collect inheritance tax
Yeah, about that Windows update service, when it got compromised Mr. Schmidt did...? What exactly? Was that "product security" or "infrastructure security"? Or was the actual buffer overflow a product-level security issue, but the unpatched servers a corporate security issue? I wonder which one would have been easier to prevent... Hmmm...
When Microsoft started distributing the NIMDA worm was that the application group's screw-up? Did Mr. Schmidt's security policies extend to internal processes like QA? Surely when they release software internally, Mr. Schmidt's group had to make sure that it was safe, right? Why not give the rest of the world the same courtesy? Does MS have separate internal and external QA groups? If not, do their internal SQL, web, etc servers have holes? Is MS's security policy therefore "crunchy on the outside, soft in the middle"? That's not very reassuring.
I could go on, but rather than be labeled a "troll" for simply pointing out facts and asking rhetorical questions, I'd just like to offer that perhaps, just perhaps, there might be some merit to the whole "security is a process, not a product" idea. Put another way, I for one would feel better if the U.S. Cybersecurity Advisor didn't have a "that's not my department" precedent coloring his judgement. Or maybe I'm taking your statement out of context and unfairly judging Mr. Schmidt for being asleep at the wheel when he was merely in the passenger seat inert, in which case I apologize.
While I certainly have nothing personal against Mr. Schmidt, like it or not he was the front man for Microsoft's "security". If MS gets a bad rap on security issues, for whatever reason, then Mr. Schmidt takes the heat on it -- if only for being the most visible target. And honestly, you can't really say with a straight face that MS's products have nothing to do with its corporate security. Microsoft's products have everything to do with many thousands of other corporations' security. If those products had built with security in mind, maybe there wouldn't need to be this big, mystical demarcation between the security inherent in MS's products and its corporate computing infrastructure. In the public's eye, anyway, there isn't any difference. Microsoft is its products -- and its products have a really appalling track record with regard to security.
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
It's easy to sit on the sidelines and snipe, but the fact of the matter is you've done nothing to address my original post. Instead of nitpicking my statement about his position not being related to products, it would be nice if you had addressed my point, which is simply that during the time that I worked with him, he was significantly more clueful than the other administrators I've interacted with at his level.
Since it's doubtful you were employed at Microsoft during his tenure there, and even less likely to have been privy to any policy or other decisions he made while there, its fairly disingenuous for you to now judge him on the content of a few news stories. I suppose that's always the problem with any position related to security, people never hear about the incidents that DIDN'T happen.
Regardless, I'm not here to defend Howard's performance per se just to give my opinion, having worked directly with him (unlike you?) that there are certainly worse people they could tap for the job (see post below re: Hillary Rosen).
---
Obviously the lights are on but no one home when this clown is in charge of security.
"we didn't expect people to do bad things like that"
Is this a coincidence or what? http://www.insidebaltimore.com/news/technology/mus ic-sharing0421.shtml
I fear Bush support for anything involving Business vs. Privacy where he is clearly against privacy. Nevermind that. I fear Bush with his itchy trigger finger on any issue. The guy is a nutter.
I went to battle MC Escher but drew a blank
From the initial post: "[Schmidt] decided to retire after approximately 31 years of public service and return to the private sector."
Okay, so it appears that he counts his service as Microsoft's Chief of Security towards his public service career. That may sound a bit presumptuous of him, but I think I see a pattern here. There are now five branches to the US Government: Legislative, Executive, Judicial, the Press, and Microsoft. Or, will Microsoft's crack team of lawyers assume responsiblity for the Judicial as a "cost-cutting" measure? That may be that new Constitutional Amendment, dubbed "3.11" I've been hearing so much about.
What those who want activist courts fear is rule by the people.
And lets not forget the waste of time having to read every story more than once...
A fan once gushed to Dorothy Parker "I read your column over and over today."
"What's the matter," she replied, "didn't you get it the first time?"
I suppose he was sent from Microsoft to learn about the proprietaries of government in an attempt to embrace, extend, enhance government.
Yeah... Right.
I faintly recall an article in a magazine called Creative Computing, there was a timeline involving Microsoft anti-trust woes. It had a ruling against it by the Supreme Court, and the next marker on the timeline was "Microsoft buys Supreme Court"
They don't seem to like the government, so they will probably roll their own. Buy Microsoft Active System Government Pro Platinum for Trusted Business and Home today!
"It is not sufficient to just respond to attacks, but rather proactive measures must also be implemented to reduce vulnerabilities and prevent future attacks."
Let's launch a preemptive cyberstrike against a small country, preferably in the middle east, which is not a threat to us, and which is unable to fight back! That will surely stop CYBERTERROR!
Really, I'd love to do it.
The Kruger Dunning explains most post on
WD-40 is very good for breaking things free and a number of other purposes. But it should NOT be used on firearms, especially semi-autos. With time it gums up and collects dirt significantly more than other alternatives. This may cause malfunction when you suddenly need it. (And, as with other thick oils, leaving a heavy coat in the barrel may cause an explosion by slowing the bullet on its way out.)
Use it to free a jam if you must. But clean it all out afterward and lubricate with an oil designed for the purpose. (A classic is Hoppes #9, which is a combination of a powder solvent and a light oil, letting you clean and lube in one pass.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I suspect that the parent was referring to the email potentially being spoofed, which may be considered ironic if the Security advisor appears to have resigned because of a security breach.
It would be even FUNNIER if the resignation was a forgery - but then he had to resign over it, making it a self-fulfilling forgery. B-)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
2.) ollie north
3.) barry mccaffrey
4.) bob bennett
the people's choice...kevin mitnick!
He found out about administration plans to let a massive cyberattack happen without intervention. Dozens of the most powerful people on the planet are in on it, including his old boss, Bill Gates. They are set to cash in through insider trading, and the direct destruction of their biggest competitors.
He couldn't stand to have it happen on his watch, so he's quitting. (He is heroic in this theory, because it makes a better screenplay that way.) He secretly assembles a crack team of open-source developers from around the world to engineer a way of protecting the Internet from this cyber-attack.
They develop a neural interface, jack in to the Internet and fight off the cyber-attack in a Gibson-esque special effects spectacular finale. All the original evil plotters die in the end due to unexplained automated systems failures.
Bill Gates is the last to go and he knows it's coming. He tries to write a program to protect himself, but he can't remember how. In the end he is devoured by a pack of feral Aibo.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
WD-40 is _not_ a thick oil. It has a carrier that evaporates, and is one of the thinnest, which is why it is sold as an aerosol. You're clearly confusing it with some other product.
Snipe? Please. I was pointing out facts. And I did address your point: I don't think his leaving the post is such a bad thing, because from where I sit (as a member of the general public/electorate, and not privy to the inner workings of Mr Schmidt's mind or his tenure at MS) I'm not at all sure what he did security-wise while at Microsoft. I don't know, as an outsider, what exactly he did at Microsoft, and so all I have to judge him as a public official is his track record, or failing that, the track record of the company he was a chief executive at.
Like I said, I don't know the man, and I don't mean to denigrate him. But the fact remains that he was Chief Security Officer at Microsoft. Microsoft has an abysmal security record. That reflects on Mr. Schmidt, right or wrong. He was the top man. Yet you say that it really wasn't his job to be worried about product security. That sounds like a cop-out to most people, myself included. That is what seems disingenous, not my commenting on his apparent track record (or lack thereof, I suppose, since he didn't actually do much any normal Microsoft customer would be able to see). His record at MS is all I've got, and MS's record is his record. It's not a terribly good one, regardless of how personable or knowledgeable the man is.
You have to step back and look at it from an outsider's perspective. Not everyone has the luxury to know him personally, and we can't all use our personal or professional knowledge of him to forgive what otherwise looks like an appalling record. Most people saw the appointing of Microsoft's Chief Security Officer to Cybersecurity Advisor as something similar to appointing ValuJet's chief of aircraft maintenance to head the NTSB or Anderson Consulting's ethics oversight committee chairman to the SEC. That's sad but true (and before you give me grief over the gravity of the compariions, I pulled those two examples from memory of online posts I read). That perception is based on MS's record. Which is Mr. Schmidt's record, regardless of whether or not it was actually in his mandate as Chief Security Officer to worry about product security.
I'm sorry if you feel he's been unfairly treated, but that's just how it lays out. I'm sure he was a fine administrator, and I'm sure he was good at cat herding. You'd have to be, even at a company smaller than MS. I guess I'd like someone that has a provable track record to step in a make substantive, postive changes to keep us safe from a network/computing perspective. Although another poster was probably right in saying the government probably just wanted someone to blame if it hit the fan.
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
lkjlkjlkj
Within two months the guy has checked out that the Homeland is same secure as the rest of Microsoft products.
So, should we just read security alerts about flaws, or we have to look for patches to apply? And are those patches really free?
P.S. I have a feeling, while looking for the design of the system Mr. Schmidt has recently left, that it might be simpler to redesign/rewrite everything from scratch than to keep patching.
Less is more !
What D3TH doesn't seem to grasp is that we have his comments, i.e. that Microsoft was focused on security, and whether you look at their products, services, or networks M$ was absolutely *NOT* focused on security in any reasonable fashion--that isn't speculation, they admitted it and it negatviely affected their stock as a result(not something a company would do if they had a choice).
Nope, WD-40 is an electronics water dispersal formulation, happens to be a decent penetrating oil as well. It will leave a gummy residue on a surface that's not cleaned. If it penetrates to internal mechanisms not typically disassembled and cleaned (eg. firing pin channel and firing pin) it can gum up - or worse, cook & carbonize after a long shooting session.
This is also why it's a crummy lubricant; use BreakFree CLP if Hoppe's isn't enough for you.
Model railroaders know this as well - don't use WD-40 on your electric motors, you will be sad.
Regards,
Brian in CA
I used the term "snipe" specifically because you're pointing out facts. The problem is your facts have little or nothing to do with the thrust of my original post. The best trolls are always the ones based in the truth.
Listen, if you want to start your own thread attacking Howard for his lousy public performance during his tenure at Microsoft, or his willingness to attend press conferences and praise Microsoft's (fabricated?) single-minded focus on security I promise I'll have little or nothing to say in response. I consider those critisisms valid, if somewhat shortsighted. My intent in stating his job was unrelated to products was nothing more than an attempt to defuse the more obvious trolls that did nothing but scream that flaws in IIS were somehow directly traceable back to his desk. If I take a slightly longer view, as you've advocated, perhaps at least some of those flaws could be traced there, at least indirectly. I agree that security is a mindset and a process, and the responsability can't all be placed on the shoulders of the developers. It cannot, however, be placed soley at Howard's feet by the very same token. Please take a few minutes and re-read my original post. No time? Too lazy? Ok, I'll quote it here:
"I just want all of you who've only heard him give nicely formatted press conferences or canned interviews to know that there's more to him than that."
You ask me to step back and take the outsider's perspective. You complain that "Not everyone has the luxury to know him personally". The WHOLE POINT of my original post was to give you an "insider's" perspective on him. I very specifically did not speak to his performance in his position at Microsoft or the position he has just resigned for the very reasons you've cited: all I have to go on, really, is public information and in my opinion that's not enough. That's the reason that I posted initially, to attempt to give others the benefit of my perspective. And I still stand by my original conclusion. Someone like Howard, with at least a background in hands-on computer hacking (again, not cracking) is relatively difficult to find at that level, and is very possibly a better choice than whoever gets tapped to replace him. That's not to say that if they were to bring in someone with an unimpeachable record of attacking and solving larger-than-enterprise-level security problems, that I would still feel the same. The bottom line is that right now, at this moment, I see that as extremely unlikely. Again, to quote myself:
"I'm not sure if you could really find someone better to be involved with the goings-on at that level, but I'm absolutely certain that you can find many many worse."
Right now, until we learn who they select, it's my feeling that they will find someone worse, especially if you're correct and they're just looking for a fall guy.
---
Seems someone thinks WD-40 is ok for guns...
"What about using WD-40 on my sports equipment? WD-40 is safe and effective to use on all types of sporting goods. Use WD-40 on your bike to clean, degrease and lubricate your chain, derailleur, gears, cogs, and moving parts. It will help remove stickers. Use WD-40 to clean and protect your gun. It will prevent corrosion and it won't damage bluing. Spray it on dirt bikes to protect parts and prevent mud from sticking. Use it on watercraft to protect metal surfaces from corrosion and to drive out moisture. WD-40 is also great for cleaning golf clubs and preventing rust on hockey skate blades."
...we all know you should wipe down after cleaning with whatever material you choose to apply. A spider web in the barrel of a shotgun can be lethal. There is always a need for care and common sense when dealing with any weapon.
Just a note...
I think we agree and what's important...thanks for the dialog.
Check the Washington Post Tech News article