Slashdot Mirror
Cybersecurity Firms Form Industry Association
An anonymous reader writes "Washington Technology is reporting that a new industry association centered around cybersecurity has been formed, to make sure security firms like RSA Security Inc., PGP Corp., Network Associates Inc., and others get their voices heard in Washington." Art Coviello, CEO of RSA Security Inc, is quoted in the article as saying: "The country is faced with the serious threat of terrorism and the possibility of cyberterrorism. If we can speak with one voice, we can play an important role in protecting the nation's critical infrastructure."
Yes, the "homeland security" craze is the next dot-com, and has been since 9/11. And yes, it is exploitative. This is not a troll, this is a fact.
Does not equal one technology, one protocol, one methodology, one market...
One target.
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
Translating those bullet points from business blabber to geek speak...
Coordinating with the Homeland Security Department to improve information sharing between business and government on cyber threats
Promising that their security products have appropirate government backdoors.
Improving corporate governance of information security
Making sure companies are required to purchase more of their products.
Improving federal procurement practices and guidelines
Making sure the government purchases more of their products.
Identifying gaps in cybersecurity research and development
Encuraging government research to do R&D for them.
Collaborating with U.S. and international standards development organizations to support emerging technology standards and specifications for cybersecurity
Making sure that add-on products are always standard equipment, rather than fixing OS flaws.
Supporting campaigns to improve awareness of cybersecurity
Encuraging the government to help with their marketing.
Supporting cybersecurity academic and workforce development programs
Ensuring an even further oversupply of tech workers is created so their labor costs stay low.
Pursuing Senate ratification of the Council of Europe's Convention on Cyber-Crime.
Talk the Senate into approving this thing here that mandates international cooperation in anti-hacking investigations.
...who thinks that this sounds wrong?
"Coordinating with the Homeland Security Department to improve information sharing between business and government on cyber threats"
How would RSA Security Inc. or PGP Corp. know about terrorist actions? This sounds like an excuse for the government to require back doors in crypto products.
Now I need to find my tin-foil hat...
EVERYDAY IS CATURDAY
Wow, another association to cloud the minds of the legislature and people. Professional associations have so much power nowadays with the way they influence policy and are practically infallible in the judicial system.
Even worse, many people don't even know that Adam Smith, writer of The Wealth of Nations who first described capitalist marketism, was vehemently against professional associations and corporations for the fact that they reduce competition and free markets.
Clearly, a market isn't 'free' anymore if the only selections that you have in the store are corporate products.
this group may well be being formed as a reaction to MS planning to enter the security business
RSA is practically a standard-setter in themselves, and their encryption is used in countless Microsoft products. RSA is effectively a partner with almost the entire software industry, including Microsoft. Do you seriously think the only reason they were so instrumental in forming this group was that they were scared of Microsoft's security enhancements?
Furthermore, Paul Kurtz is heading the team. As the website puts it, he was "special assistant to the president and senior director for critical infrastructure protection on the White House Homeland Security Council." I don't see how a fear of Microsoft factors into the choice of Kurtz as executive director of the group.
the idea of putting a (hopefully) impenetrable barrier (a Maginot Firewall?) around critical resources rather than constructing a compartmentalized defense-in-depth.
My instincts tell me that this is brain-dead. Any practical barrier is, by necessity, penetrable. A compartmental solution minimizes potential damage.
Of course, all of this is just metaphoric thinking.
....put that backdoor in any open source project.
We'll have safe code as long as we write and watch the code.
if MS were to put out a perfectly secure operating system, these companies would lose a good chuck of their revenues...
I don't know about that... so many of the security protocols (like ssh) and the encryptions like rsa) used in ms's stuff was produced by totally different companies--seems like they have a solid role to play in the evolution of ms wares, since the r&d associated with all sorts of security is so flippin' broad that even a titan like ms can't foot the whole dollar-and-resource bill.
Keep /. fair and intelligent!!!
To understand recursion, you must first understand recursion.
again america will be a frontrunner in creating a new enviroment. a safe computing enviroment for the masses. designed by coroprations, with the the goverment in mind.
they will take care of all your needs...
finaly we will see this funky abstract interface to the internet that _they_ think it should have looked like. lockin at every corner. intenet with an windows xp design (hey, this is slashdot), running on drm restricted hardware. computers limited and controled by someone else, but not who paid for it. computer experience for mom'n'pop, save and controlable.
thinking too much into this? yeah, sure. i see freedoms get lost in free america day by day. and this will be forced on all of the world. just as those features they propose will become obligatory with the right goverment. - hey we all have the right goverment? don't we? we/you elected them. so they will do the right thing. - right.
I doubt that this is an anti-Microsoft group as people are conspiricizing. It would make sense to join if you are a small to medium size business player and you don't run a policy office direct.
Its not just Microsoft thats missing, VeriSign and IBM are not there either, but they don't need this type of group.
Membership fees are pretty rich $150K or $60K. Thats not chump change. But it is much less than what a full DC policy setup would cost to run.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Really, don't you people get it? Most people don't understand how supposed "cyber-wafare" works. They don't understand how a virus works. They're stupid, or should I say technologically incompetent, enough to believe that Dr. Norton really does a great job in the anti-virus world because.... he's a virus. And cyber-terrorism? Yes, there are many people out there who think that sending "cyber-attacks" across the internet is like sending over a missile. They don't understand the concept of what makes an actual exploit in a system. They think that shooting enough virtual missiles of any type at a computer can take them down.
I may be sounding harsh... but think about it, and I know you will recognize many of the people you know who fit this mindset description. Just think work, school, or home.
http://mediagoblin.org/
Watchdog group to oversee their activities? Any takers?
Cyberterrorism is not only a non-issue, the word itself only belongs in the mouths of those with something to sell by misdirection. Someone who rips off credit card numbers is certainly a criminal, but calling them a terrorist is as incorrect as saying they are from the planet mars.
Except the current version of RealPlayer sucks, and their company policies are horrible. Windows Media Player might not compare to WinAmp very favorably, but compared to RealOne it actually starts to look good.
I don't plan on touching a Windows box without first putting a combo of virus scanner and Spybot on it first. I would expect that MS is targeting all of the idiots who don't have any virus protection (the same idiots who have yet to disable Messenger and enable the XP firewall). The people who have traditionally bought Norton or McAfe in the past will probably continue to do so because they know better.
If my answers frighten you, stop asking scary questions.
DMCA. CoE requires criminialization of copyright violation and circumvention technology, which is righly a civil matter. The "information sharing" provisions are also quite disturbing.
RSA is a great algorithm. RSA is an evil company. Witness the Jim Bidzos threats to Phil Zimmerman, etc. RSA the *company* has set back practical, deployed internet security almost as much, if not more, than Rivest, Shamir, and Adleman advanced it with their algorithms. The whole reason we have fractionalized PGP with 2 vs. 5 is the software patent on RSA (in the US)
If we can speak with one voice, we can play an important role in protecting the nation's critical infrastructure. . .
and operate as a cartel under color of the public weal.
illegitimii non ingravare
True, but they won't do so without having a fix or software package they make to solve the problem. Then, it's competition between their products, and the one's deemed insecure. Good old healthy competition!
The AV companies talk about terrorism? Yeah, "wee care". Really. That's hilarious. They are just interested in their profits. Only in the US can they use such excusions and are not laughed off the stage.
The word terrorism has suffered an inflation when it has been misused after sept. 11th. When I hear that word on tv I immediately switch channel.
Nowadays anything bad may be categorized as terrorism. But we have had laws before sept. 11th that punish for crimes. Why can't we just use those laws? Why we need an extra "terrorism" label for those actions? It's just that those in power are fooling people. They created the new "terrorism" category and repeat it over and over again until it becomes a fact.
Disgusting.
Well, the business model is about the appearence of the widespread deployment of insecure networks and servers. It's like the war on drugs. They are succeeding at failing. "We've stopped xxx tons of yyy from entering the country. But we need more money because smugglers are now trying to ship xxxxxx tons of yyy."
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming