Slashdot Mirror
Head Of Homeland Cybersecurity Named
ziggy_zero writes "Security software industry veteran Amit Yoran is expected to be named the new head of federal cybersecurity by the U.S. Department of Homeland Security (DHS) on Tuesday. The DHS is also partnering with CERT to form the "US-CERT" cyber-attack coordination center, coordinating efforts to fight cyber-attacks, worms, etc."
Homeland security is a great idea, but there hasn't been much as far as actual results yet. We need some stats on how many threats they found/evaded, or is there this info available already?
Maybe this guy will help get rid of all those nasty worms on the intarweb
(you may need to be familiar with somethingaweful to understand the above statement)
anime+manga together at last.. in real time.
Is anyone else tired of the word "cyber" being applied to anything dealing with computers? "Head of Cybersecurity" sounds like a title that some 13 year-old hax0r would call himself after finally learning how to share his family's broadband internet connection among machines. I find it difficult to take an office seriously if it designates head of "cyber" anything. It's the year 2003, people. Let's just start calling it "the internet."
but it seems to me that bribes from Mirrosoft for "defense contracts" comprise the largest threats to national electronic security.
Let's just switch everything over to OpenBSD and pray to cueriel that we keep good relations with Canada.
You can't judge a book by the way it wears its hair.
This sounds much, much better than it could have been.
I was predicting the worst...
someone with no technical background,
someone from Justice Dept,
someone corporate goon from Microsoft...
I am relieved.
Amit is an Indian name you tard.
From the article:
"Yoran helped to found network scanning company RipTech Inc. of Alexandria, Virginia, in 1998. After RipTech was acquired by antivirus giant Symantec Corp. for $145 million in August 2002, Yoran stayed on as Symantec vice president of worldwide managed security services operations, according to Symantec spokesman Cris Paden."
Anyone care to wager how soon the government starts awarding contracts/grants to Symantec for its exclusive security solution?
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
Oh, great. Let's combine the computer security industry (already famous for making work and money for itself by scaring everyone with over-hyped media attention to every script-kiddy's feeble edit of an existing worm) with the Department of Homeland Security's similar tactics of justifying it's existence, not to mention whatever policies the powers-that-be desire.
We'll all be on tranquilizers in no time.
computerlady - a brand new Slash-daughter - alone, but no longer invisible, in the
Gods, I'm glad there's a humongous bureaucracy ready to step in and clean up the internet.
What's the plan, prosecute more teenagers and distribute their allowances between the multi-billion-dollar claimants?
Sheesh, evil *and* a jerk. -- Jade
when it comes to censoring and creating a virtual intranet to replace what we have now, it's easier to pacify moms and pops who think the 'cyber' world is something they could not possibly understand for themselves, so best leave it to the nice government to look after us...
Now every blackhat hacker, script kiddy, or other 'cyber'threat is not only his problem but they're all after him and ony computers/websites/etc. that he has or runs. Talk about being setup for failure.
-Tim Louden
Being that Homeland Defense is currently the great evil of this nation, let the personal attacks on Mr. Amit Yoran begin!
[his name sounds] scary to me....but maybe I'm a bit paranoid.
Maybe you're a bit racist.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
I am an indian and can tell you that Amit Yoran is NOT AN INDIAN NAME.
I think that choosing a software security and anti-virus expert, rather then someone with a law enforecement background is a good thing. It will hopefully keep the focus of off spying on citizens and might help reduce the number of worms going around right now.
I am no more a racist than you are a religious zealot.
No more Micro$oft bashing from me. Its like bashing at the special olympics.
"We who are about to die salute you!"
How can we entrust the security of our nation to an OS that's *dying*??
jealous eh?
ur a$$ is 0wned.
This just in: Our Nation's cyber-fighting department outsourced security implementation to India.
...who uses a new personalized OS: Microsoft WindowsXPlode
...who just outsourced 90% to Afghanistan.
...who just hired on some guy who calls himself 'Ossy bin Laden'.
...who just finished a 3 month 'pong' marathon in a cave located in an area no-one's heard of.
"He had a weird smirk on his face when they told him he would be in charge of managing cyber-attacks. Upon further clarification, his smile turned to frown when it was revealed to him that he would not actually be creating worms, viruses, or organized DDoS attacks."
- Anonymous (but VERY reliable) source
;-)
-------------
So, what, exactly, is the Department of Cybersecurity going to do? Monitor the Internet? Intercept virii? Rubberstamp Microsoft's agenda? Scan your email? Stop spam? Raid the homes of script kiddies? Side with the RIAA vs. 12-year-old girls? I really would like to know what "cybersecurity" entails.
And, fwiw, if the BSA "lauds" him, he can't be all that good news for open source.
If this man has any moral fiber and/or desire to defend privacy rights, it'll quickly be eroded under this administration.
Why am I so damned suspicious and cynical of everything this administration does? Is something wrong with me?
For those who are unfamilliar with him, here's a recent Frontline interview.
Amit Yoran is of course, a VP at Symantec. That would be the same company whose COO, John Schwartz, recently caused a storm by calling for laws to make it a criminal offence to share information and tools online which could be used by malicious hackers and virus writers.
Am I alone in putting two and two together and becoming alarmed at the implication?
My next sig will be ready soon, but subscribers can beat the rush
Rip-Tech was one of the largest security monitoring firms in the country, I can only see this as a good thing. Besides the goverment already has moved a majority of it's firewalls over to symantec long time ago.
I remebmer when I went to the raptor training 75% of the guys there were goverment types or working on goverment contracts.
So far the "homeland security" dept. is just that. It's a department. It relies on other agencies (CIA and FBI) to protect the USA against terrorism. The problem is that departments of *any* sort hate working together and because Homeland security has nothing to bargain with except for it's name nothing will happen. Besides the FBI and CIA want to redeem themselves after 9/11.
The cybersecurity part is already handled by the FBI and has been for years. The only danger I can see is if the Homeland Security dept. got control of things like Carnivore. and linked it to 'terroist' db's etc.
--- You know it's bad when
bash-2.05a$ fortune
bash: fortune: command not found
I am no more a racist than you are a religious zealot.
:)
Check out the link and see how much of a "zealot" I am. You'll be amused.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
I call it the Information Superhighway. Why? Is it because:
1) I like lots of syllables.
2) I'm a slave to whatever phrase is the current media darling.
3) I feel like roadkill on said highway.
or
4) I like screaming "ONRAMP!" every time I boot the computer.
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
Haven't you heard? BSD is *dead*.
Yoran Nmap and Yoran Nessus
and Yoran Bastille or Yoran SELinux
This was funny until Yoran out of puns.
Cybersecurity, on the other hand, is supposedly not a joke.
I want to know if he really is an expert, or just another pointy-haired manager type who knows some buzzwords and how to run a PowerPoint presentation.
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
This is not funny anymore.
The joke is dead.
Anyone wonder how long it will take until we have easy to understand color coded virus "terrah" alert levels?
Make sure everyone's vote counts: Verified Voting
You're right, you're not a racist. You're an anti-Christian jackass. That "landover" site is a classic, anti-christian, pro-liberal web site. You people can get away with mocking Christians for now, but if people like ME have our way, we'll be tossing your heathen, liberal asses out in the cold. BET ON IT.
You mean, like, the're not giving it to someone at microsoft this time? What's going on here. :)
-=fshalor
That would be his point.
The Kruger Dunning explains most post on
Thanks government... without you, I'd have nothing to be pissed at all day!
He won't be able to get into the office with a furrun sounding name like that.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
I, for one, welcome our new cyber-security overlord!
I'm slightly concerned that its someone whos main source of income has been writing anti-virus software for Windows machines. I would doubt that he wakes up each day he hears about a new windows virus and says, that does it, i'm swithcing to linux for better security. He probably also would not really like to see for example, an open source virus program.
And to the extent that he can cast off his "I profit from poor windows security" past, then he would probably see the "paladium" or whatever its called now as the ideal solultion to the widows is a seive problem. And in the HS dept he'll have the clout to make it a national requirement.
the only good thing is it looks like he was a technical person who is well aware of many of the problems in computer security.
Some drink at the fountain of knowledge. Others just gargle.
I've never heard of this guy, so I just google'd him, and found all kinds of things, including this
interview with him from March 13, 2003, and this brief biography. He is currently vice president of Managed Security Services Operations for Symantec, and previously worked for the U.S. Department of Defense Computer Emergency Response Team (DoD/CERT).
kinda nice to see that the future "Head of Homeland Cybersecurity" at least has a formal c.s. education, and some obvious real-world experience.
Did bush and his monkeys come up with the name? I mean come on, who whould call that department anything cyber. Kinda like that add about becoming a 'cybercop'. This all just makes my wanna puke.
-Tim Louden
I got to witness ISS getting the "dept" involved firsthand with a recent Apache bug...... they decided that Free Operating Systems were not "real vendors" and kept us all out of the loop, so then we all got to find out about the bug with the rest of the public. The few "trusted" parties would have been looking at some treason if they had notified their friends in other affected projects.
Thanks ISS... again. This will be a huge unimprovement. I fear Germany will become the new world center for computer security if these boneheads have their way.
It's sure gonna be fun when DHS gets it's first taste of M$ virus du jour.
Can't wait for the egg to hit their face. Of course, they'll find a 15 year old scape-goat to blame it all on...
We are within the first few hours of the DHS and they've already made a serious mistake.
Symantic is the company that wants to keep all security related info away from most of the folks in the security industry. Seems like they are more concerned with making money than security.
I'm hoping that's why he left Symantic for his new position.
Amit Yoran is of course, a VP at Symantec. That would be the same company whose COO, John Schwartz, recently caused a storm by calling for laws to make it a criminal offence to share information and tools online which could be used by malicious hackers and virus writers. Am I alone in putting two and two together and becoming alarmed at the implication?
The more worrying thing (IMHO) was that "The BSA Lauded his Selection." -- so it will it be a criminal offence to "share information and tools online which could be used by..." Open Source Programmers.
I'm tellin' ya, they're trying to make Linux illegal.
You go brother, I too wish to know how a guy who was probably not even born in our country has been elevated to a position where he is involved in protecting us. America for Americans, goddamnit.
Both Dr Who, and The Avengers had nasty robotic hubots called cybernaughts - Obviously the homeland people have a healthy interest in 1960's TV, Lost in Space etc. Only Adult shops sell cyber do-dah's - and spin this word for everything soft and inflatable (the other homeland security).
I'm sitting here listening to TechTV's Screensavers, as Leo LaPorte isinterviewing some ex-miliary type hype a book he's written called "Black Ice". Apparently we're about to be overrun by cyberterrorists any second now.
It's sad that my hero LaPorte is taking this crud seriously. The author is strongly Bushifying the notion that the August blackout was caused by Evil Terrorists. Leo is listening with respect.
WHY? What the hell is "cyber" terrorism? Who the hell would waste their time bringing down network segments for God's cause?
Listen. Terrorism, by which I don't mean guerilla warfare a la Iraq, is a targeted attempt by a agent, not affiliated with any state, to strike FEAR into an enemy, in order to accomplish a desired result, like, say, removing American bases from Saudi Arabia. Governments do not commit terrorism. They commit war.
Terrorism is NOT just randomly destroying targets because you can. The idea is to create terror. Bringing down a network segment or clocking out a web site doesn't strike fear into bloody anyone, and doesn't accomplish anything.
If you want to create terror, you can do it with a gallon of gasoline and a timer. Terror is CHEAP, and simple. You don't need to overthink your methods. Didn't we learn ANYthing from 9-11? They didn't use superior weapons! They just did something we didn't expect, or at least Bush's brain trust couldn't.
And guess what? There hasn't been any acts of "cyberterrorism". It's a bloody stupid piece of fearmongering. If the creation of anticyberterrorist laws has any purpose besides creating a lucrative new corporate/government business to "prevent attacks", it is to create a new, Patriot Act enabled set of laws to make hacking of any sort a terrorist activity, punishable by secret imprisonment with no charges, torture, murder in secret, hell, the sky's the limit when you play on fear.
We're being bamboozled. They are going to lock down the Internet in the name of "terrorism". Remove anonymity. Track people. Keep records of all sorts for future amusing uses. Intimidate political enemies. (Scientology HQ must be wetting themselves with joy since 9-11).
Twenty five years from now, the transformed United States will look back with pride on a spotless record. The patriotic Acts will be credited for the lack of "terror".
The U.S., and probably the entire world, will be a colossal prison state. And no one will notice. They will be "safe" from the "terror" that these fear-crazed opportunists saw under every table.
This garbage almost worked in the Communist-crazy 1950's. But a largely liberal intellectual tradition in the U.S., coupled with 80 million teenagers, body-checked the police state that Nixon and the young Neo-cons were trying to create by executive order.
Now the same young loonies under Nixon are old loonies under Bush II. Faced with the lack of commies, have created a new state of terror from one set of attacks by forty mostly Saudi Arabian political cultists. Instead of showing us we are as unlikely to be killed by loonies as by lightning, they have pumped and exhorted fear into the hearts of Americans. We have become a pack of terrified sheep. We are building ourselves a prison that will last a thousand years... and we will be no "safer" behind out wall of guns and cameras than we were before.
The rest of the world, lacking the cheerleaders of bedwetting fear that the U.S.has, sees things as they really are. Some are going along with our draconian nonsense, but it seems to me they are doing so to snatch frightening new powers over their own people more than for any other reason.
It's happening because so few have the stones to tell the truth: we are creating more enemies by being afraid and striking out murderously in random directions, than by simply cooperating with the once-sympathetic world.
We're killing our own country. Bin Laden is laughing himself to death somewhere.
"Irrational Fox News"
That's the most fair and balanced statement I've heard about them. Personally, I think any irrational news station should be bashed, and Fox News certainly is irrational.
If CNN "et. al" includes CSPAN (which, in all fairness it should as CNN was largely behind its creation), then, yes, they are doing a better job since they "cover" the news more than they interpret it with bias and spin.
Of course, you should never trust any single source of interpretation... and that is hardly news.
I know this guy. He was a classmate of mine back at the Academy. The guy is sharp. He went from West Point, the Army's academyh, into the Air Force (A handful of people do this each year). I note went out to our class list about his companies sale, which made us all quite jealous.
The thing about West Point is that it drives home a commitment to the Country (Duty, Honor, Country is the School Moto). At least we have someone who stood up, raised his right hand, and swore to support and defend the Constitution. Yes, I am sure he is a savvy business man, but he's as honest as we are going to get.
BTW Amit, is an Israeli name.
Open Source Identity Management: FreeIPA.org
I listened to Richard Clarke at MIT once. While he was a very fervent advocate of cleaning up security, he lied blatantly and publicly at that presentation. "Carnivore was a bad name and a bad idea, it no longer exists" was flatly known to be false by at least 3 people in the room who had had occasion to be directly aware of *which* little rooms at the local mid-level ISP had the secret equipment, still in use as of the previous week.
He also refused to acknowledge the federal role in crippling security through the encryption export controls, which while looser now are still aimed dead square against anything the NSA cannot easily break into, and FCC standards that prevent breaking FBI or other agency undetectable man-in-the-middle monitoring.
We'll see if this new guy can do a better job, but if he has Ashcroft's hand shoved up is ass making his lips wiggle, I don't hold out much hope for actual improvements in our overall security. The very tools that improve security make life harder for law enforcement to monitor without detection: Ashcroft is not giving up those features, period.
you keep praying to your invisible friend in the sky. maybe someday he'll take you to the highest mountain and show you the entire flat, pizza-shaped circular earth. while you're there, you too can prove that the value of pi is 3.00 as well.
Bah! Now a multibillion dollar l0pht heavy industries... :)
That's a brilliant post coming from someone whose ancestors were undoubtedly immigrants. Remember, genius, Americans are not native to this country. America was founded by people not born in this country with the idea that everyone is welcome, regardless of where you were born.
And you believe to have the insight to accuse others of having a narrow view of the world? If you ask me, anyone who takes the time to slander a group of individuals and express such obvious xenophobia would be a more likely candidate for a narrow view of the world.
Then again, that could just be my narrow, liberal view of the world talking.
It goes from God, to Jerry, to me.
Sorry, but not even a terrorist attack will prove that it works or does not. If they attack and fail, how do we know that security measures wouldn't have stoped them before? New security requirements that worked don't count because we might have implimented them anyway. If they attack and the deparment cannot stop them, then it doens't prove anything since every plan made by man fails in some way.
The above doesn't even account for any terrorists who start planning something and realize before they are caught that it would fail so they stop the plan, and are never caught.
Which is all sad because IMHO I consider the department of homeland security a big waste of my tax dollars. Not the biggest waste, but still just waste at best. At worst it tramples all over freedoms that I used to have.
The people who founded America restricted immigration based on race. So not everyone was welcome. They also considered black to be 3/5ths of a White man.
Internet Security, thast just an old wives tale.
+-+-+-The folowing statement is true. The previous statement is false.-+-+-+
And can we please enact a law prohibiting people from the deep South from saying "www"? Hearing someone say, "Dubya dubya dubya" makes my fucking ears bleed.
Just get them to do what I do--pronounce it "wuh-wuh-wuh". Saves on syllables too.
I also considered "wee-wee-wee" at one point, but it never really caught on...
Correct. And I didn't even have to point it out to you. Like all traitors to our country, may I show you to the door? Fricken liberal scum.
The guy in charge of security at any institution might as well change his name to Snowden.
If you don't recognize this name, Snowden was a character in the Joseph Heller book "Catch 22" He's a gunner in a B-25 who gets shot. The protagonist, Yossarian, goes back to help him, and tells him he'll be fine. Then he opens the kid's jacket and his guts spill out all over the floor. The kid can't see them, so Yossarian keeps trying to comfort him.
That's your security administrator. He's already dead, it's just that nobody has shown him his guts yet.
Hot Damn! It's the Soggy Bottom Boys!
"Love is like pi - natural, irrational, and very important." (Lisa Hoffman)
US-CERT with retzin. Two nets in one...
hehe hehe
Maybe his first order of business should be to go after Verisign, as they're the biggest "Cyber Threat" out there right now.
;)
Who knows, maybe his Air Force experience will come in handy when it comes time to call in the air strike.
For that matter, while he's at it, he could pay a little visit to SCO as well.
$0.02 (CDN)
I think you've got it right there. If you care about a story, you should get as much information as possible. Of course, sometimes you can only get biased opinions, but in that case, you can just get a whole lot of opinions, average them out, and come out with at least a little info.
"The government of the United States is not, in any sense, founded on the Christian religion."
...unless of course you just get the facts and interpret them on your own... et voila, knowledge, not propaganda. Not a very popular option, but it usually exists.
Yes I know, the DHS hasn't done anything so far to earn this level of distrust from me, in fact they seem to be trying to build up trust, but...I'd definitely feel better just contacting security@mylinuxdistribution.com.
Government agencies do not need to defend their existence once formed. Get him!
(sound of IIZENII saying "Who?!?! What are you..." then silence)
Healthcare article at Kuro5hin
> unless of course you just get the facts and interpret them on your own
The problem is that these "facts" aren't really available. Most of the "facts" you hear aren't entirely true and leave the idea out of context. Where do you find your so-caled facts? Obviously, some places are better than others. CNN, C-Span? Okay, they're not too bad. FOX News, NPR? Might want to try again.
> > I am no more a racist than you are a religious zealot. :)
> Check out the link and see how much of a "zealot" I am. You'll be amused.
Reread that statement. He said "I am just as much racist as you are just as much Christian." He went to the link, saw what it was (that you aren't christian) then said that he isn't a racist, using that info. Nice try.
Being as it is the government, the facts are readily available. Every single word spoken on the House and Senate floors can be searched at:
http://thomas.loc.gov
Wonder where Bushie is spending money? Try the office of management and budget:
http://www.omb.gov
Want to know how diligently your representatives are looking into problems in government? Try the General Accounting Office:
http://www.gao.gov
If you don't know where to start, try:
http://www.firstgov.gov
If you don't trust anything from your government, try the Open Government Awareness project at MIT. They have an interesting method of assigning levels of authenticity and verification of facts:
http://opengov.media.mit.edu/
Of course, the selection of facts can distort the truth, but that is just the nature of reality. If you're seeking absolute truth, that's a matter of faith, religious or otherwise.
p.s. Thanks for the object lesson in Americans only seeking answers via the media as you gave no non-media sources of information. I hope these help.
Where's the record of the voice vote tally for the DMCA on thomas.loc.gov, drilled down to the specific representatives? Oh wait, there isn't one, because they voice voted so it would be a secret.
psst... If you want to make a comparison between the Department of Homeland Defense and something else, you should probably compare it with the Department of Defense instead of ONE of their buildings (the Pentagon).
There were nearly 150k in troops in Iraq, and 37k in South Korea. I won't even bother going into anything else.
The Department of Defense is *MUCH* larger than the Department of Homeland Security.
The FBI put out cyber-crime recruiting press releases in our city last month. It sounded like reasonable psoitions and pay. However, you have to be under 35 years old and be able to pass a fitness test (run 1.5 miles in under 12 minutes). The newspaper thought the latter would be hard on geeks.