Slashdot Mirror


U.S. Cybersecurity Report Available

Kaelem writes "Kevin Rose put up a copy of the report Cybersecurity for the Homeland (pdf), due to be released tomorrow. It talks about some interesting things, like expanding the US-CERT website as well as funding for colleges to develop cybersecurity curriculum."

3 of 187 comments (clear)

  1. Re:Which department? by canuck57 · · Score: 5, Insightful

    More like from the U.S. Depeartment Of We're Not Going To Tell You Anything You Didn't Already Know About Security

    No one cares about security until they get burned. Once burned the battle cry goes for awhile and fizzles as most don't give a rats ass about security beyond looking politically correct. It is why so many sites and users get hacked.

    And here is a hint, most get hacked from the inside out, that is - some twit loads a spyware or malicious program and claims ignorance when it happens. More like carelessness but management often overlooks it.

    Safe computing is like safe sex, use some precaution and don't be a slut and download everything you can click on.

  2. I doubt that. by dexterpexter · · Score: 4, Insightful

    Really? As someone who just finished studying and reading the CERT guide for System Administration and Accreditation (yes, it was torture), I find that most system administrators do not know the principles within, or recklessly choose to disregard some of the most helpful ones. Many system administrators are seat-of-the-pants, self-taught individuals who learn along the way as issues come up, and sometimes miss some of the fine points of securing a system. A lot of admins push large upgrades on production systems, or use test systems still connected to the main network (the recent 60,000 computer fiasco reported in /. is a good example), don't practice isolation, choose their products on budget or because of a last minute need (although sometimes this is unavoidable), do not configure firewalls correctly, do not lock down their systems tightly, etc. Sometimes they do everything they should, but out of order. A lot of people don't realize the importance of order in bringing systems online. Many times, these are on critical systems or systems which contain confidential information. Customer information is put at risk, simply because the administrators do not know any better.
    A lot of companies hire admins who are actually unqualified, but who can do a "good enough" job because they don't understand what to look for in an admin.
    Not all admins are this way, but a suprising number of them are.

    If admins out there honestly knew everything there was to know about security, and administer their system to the CERT guide specs, then I would be impressed. Because my experience in observing everything from large university systems, health care systems, tag agency (all-you-need-for-identity-theft-agencies, more appropriately) systems, corporate systems (credit card information and personal information), is that this simply isn't so.
    A lot of penetration testing reveals vulnerabilities in areas that are clearly stated in that CERT guide.

    --

    *-*-*-*-*-*-*-*
    "We are Linux. Resistance is measured in Ohms."
  3. Re:Are our lives really changed? by dave420 · · Score: 4, Insightful
    Seeing as the pentagon was having drills for what to do should airliners be used as weapons against them, and the previous G8 meeting earlier in the year when anti-aircraft armaments were deployed, to defend against rogue aircraft, their claim they didn't know about airplanes==weapons is just pathetic lying.

    For a country that loves democracy so much, America doesn't seem to give a flying shit when their politicians lie. Unless it's about a blowjob, in which case it's TREASON, I tells ya! TREASON!

    Sort it out, America. It's time for torches and pitchforks, and a nice stoll down to Washington DC... Unless you do that, the rest of the world will simply look on and laugh at the mess you've got yourself in ;)