Slashdot Mirror


Microsoft Executive Tapped For Top DHS Cyber Post

krebsatwpost writes "The Department of Homeland Security has named Microsoft's 'chief trustworthy infrastructure strategist' Phil Reitinger to be its top cyber security official. Many in the security industry praised him as a smart pick, but said he will need to confront a culture of political infighting and leadership failures at DHS. From the story: 'Reitinger comes to the position with cyber experience in both the public and private sectors. Prior to joining Microsoft in 2003, he was executive director of the Defense Department's Computer Forensics Lab. Before that, he was deputy chief of the Justice Department's Computer Crimes and Intellectual Property section, where he worked under Scott Charney, who is currently corporate vice president for trustworthy computing at Microsoft.'"

34 of 138 comments

  1. ... trustworthy computing? by Anonymous Coward · · Score: 4, Funny

    Before that, he was deputy chief of the Justice Department's Computer Crimes and Intellectual Property section, where he worked under Scott Charney, who is currently corporate vice president for trustworthy computing at Microsoft

    Trust... worthy... computing at Microsoft... Isn't there a law that prohibits the words trustworthy and Microsoft in the same sentence?

    1. Re:... trustworthy computing? by gadget+junkie · · Score: 2, Interesting

      Before that, he was deputy chief of the Justice Department's Computer Crimes and Intellectual Property section, where he worked under Scott Charney, who is currently corporate vice president for trustworthy computing at Microsoft Trust... worthy... computing at Microsoft... Isn't there a law that prohibits the words trustworthy and Microsoft in the same sentence?

      I do not think it's forbidden, but it comes very close to the definition of Oxymoron, i.e. mutually contradictory terms.

      --
      "If a boss demands loyalty, give him integrity. But if he demands integrity, give him loyalty." (John Boyd, 1927-1997)
  2. Microsoft and Security in a same sentence? by Anonymous Coward · · Score: 4, Funny

    I foresee a lot of Microsoft Security jokes in the following threads.

    Here is one

    Do you allow Phil Reitinger to be the top cyber security official?

    Allow | Deny

    1. Re:Microsoft and Security in a same sentence? by Narnie · · Score: 4, Funny

      Do you allow Phil Reitinger to be the top cyber security official?

      (Okay)

      Fixed that for you.

      --
      greed@All_Evils:~#
  3. Ah dammit... by Narnie · · Score: 4, Funny

    There goes any chance of the DHS switching over to a linux/unix environment in the next decade.

    --
    greed@All_Evils:~#
  4. Re:Microsoft and Security in the same sentence? by Praedon · · Score: 4, Funny

    Nope. New department, which is Department for Cannibal Relations.

    --
    Just me
  5. que 500 stupid M$ sux0rs posts by timmarhy · · Score: 5, Insightful

    this guy doesn't seem a half way bad pick. of course if it was my call i'd eliminate the whole DHS nonsense and just fund the FBI,NSA,CIA and police properly. if those 4 agencies can't get it done wtf is the DHS going to add?

    --
    If you mod me down, I will become more powerful than you can imagine....
    1. Re:que 500 stupid M$ sux0rs posts by Renraku · · Score: 4, Insightful

      If we could achieve with nuclear fusion what we have achieved with DHS, we'd all be living off of cheap and reliable energy.

      Suffice to say, the DHS is rather self-sustaining. If it isn't keeping liquids off aircraft or your electronics in the baggage handlers' pockets, it's harassing and keeping us American citizens in fear.

      --
      Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
    2. Re:que 500 stupid M$ sux0rs posts by timmarhy · · Score: 4, Funny

      so let me get this right, government departments were shown to be poor at communicating, so your solution is to create yet another government department for them all to miscommunicate with?

      --
      If you mod me down, I will become more powerful than you can imagine....
    3. Re:que 500 stupid M$ sux0rs posts by BadAnalogyGuy · · Score: 2, Informative

      The DHS is the over-arching agency containing the previously separate agencies you listed above.

      Prior to the creation of the DHS, communication between agencies like the CIA and FBI was legally difficult because of the lack of transparency. But now that they are under the same umbrella agency, they can share information much more easily.

    4. Re:que 500 stupid M$ sux0rs posts by retech · · Score: 2, Informative

      Did you mean: Cue or Queue?

    5. Re:que 500 stupid M$ sux0rs posts by Chas · · Score: 2, Funny

      If we could achieve with nuclear fusion what we have achieved with DHS

      What? A parasitic reaction that just consumes and consumes and consumes, is more of a hindrance than a help, and wastes tons of money in the process?

      --
      Chas - The one, the only.
      THANK GOD!!!
    6. Re:que 500 stupid M$ sux0rs posts by xouumalperxe · · Score: 2, Funny

      It's a portmanteau! He's cuing the "500 stupid M$ sux0rs [posters]" to queue up, since there's so many of 'em!

    7. Re:que 500 stupid M$ sux0rs posts by Jane+Q.+Public · · Score: 2, Insightful

      And you honestly think that is a good thing? How old are you, anyway?

    8. Re:que 500 stupid M$ sux0rs posts by CaptainJeff · · Score: 3, Informative

      Ummm....the CIA and the FBI are not under the same agency now. The FBI is an agency of the Department of Justice and the CIA is an independent agency that quasi-reports to the Director of National Intelligence. The other agencies mentioned, the NSA and the police, are also not part of DHS. NSA is an agency of the Department of Defense and policing is a local function, run by any number of local agencies. But by all means, keep talking about things you obviously don't know anything about and cannot be bothered spending ten seconds on Google to confirm. :)

  6. Good Grid! by Jane+Q.+Public · · Score: 5, Insightful

    Isn't that like asking the head of AIG to be the officer of "financial responsibility"???

    1. Re:Good Grid! by antibryce · · Score: 2, Funny

      it'd be like appointing a tax cheat to head the IRS.

  7. US-CERT mentioned in article by daemonburrito · · Score: 5, Informative

    I wonder if we will be seeing US-CERT standing up to Microsoft the way they did with this (a vector for conficker) with him in charge.

    I have a sick feeling about this. This guy was surely part of the Microsoft effort to call this a feature. And what was this "political infighting" that the article alludes to? I hope it wasn't over whether to go after Microsoft for aiding in the creation of the largest botnet to date.

  8. In all seriousness by Jane+Q.+Public · · Score: 4, Interesting

    While anecdotes from Windows users regarding how they tried to make an inherently insecure system secure could be extremely valuable, I doubt that anecdotes about how Microsoft executives tried to make their systems secure will be equally valuable. This was a ridiculous choice, and further undermines my initial hope that Obama might indeed turn out to be a good President.

    1. Re:In all seriousness by Jane+Q.+Public · · Score: 3, Insightful

      The choice of an executive officer of a major supplier of operating systems -- Windows of all things -- to this position sends a clear message to those who have been involved in "security" issues for many years. And that message is: "We don't care about 'security' except to the extent that it affects our corporate friends."

      I am very saddened by this news.

    2. Re:In all seriousness by Jane+Q.+Public · · Score: 2, Insightful

      Why? If you do not already know, then you aren't qualified to be in this discussion.

  9. Enemy combatants. by Snufu · · Score: 3, Funny

    Anticipate all persons attempting to enter the U.S. to be screened for explosives, hazardous chemical agents, firearms, radioactive materials, and open source software.

  10. I'd like to be objective about this. Let's try. by Anonymous Coward · · Score: 5, Insightful

    I like how this guy, whom I don't know much about, is painted a smart pick, coming as he does from the largest single computer security threat on the planet. Anybody recall that up to not very long ago at all security was not on their agenda? Simply because it made them more money not to care.

    Oh, and that is remembering their own words and without mentioning the usual, such as that they are convicted monopolists too, their business practices suck, their code sucks, their customer service and sales techniques reminisces that of office depot, and so on and so forth.

    The bottom line is that in politics you usually don't let the guy who fucked it up try and fix it. Unless perhaps the guy has friends in high places.

    1. Re:I'd like to be objective about this. Let's try. by gtall · · Score: 2, Funny

      How do you explain the Congress then? They cannot all have friends in high places. Watch CSpan when they broadcast hearings sometime. It's amazing how clueless these morons can be, especially the House members. For some odd reason, Senators have two brain cells to rub together instead of a single loner.

      Typical Committee Hearing:

      Title: Investigation into Why Tarp Funds are being Misused.

      Purpose: Figure out if Tarp Funds are being misused.

      Dennis Kucinich: Blah, blah, blah, Ohio, blah, blah, I am NOT an idiot, blah.....

      Each Member: Given 5 minutes to whine about how they don't understand anything.

      Suspect Witness: Given 10 minutes to state why he isn't lying after being told he is going to lie.

      Questioning: Isn't it true you beat your dog this morning after beating your wife and her mother?

      Suspect Witness: We didn't use Tarp Funds in beating those individuals.

      Dennis: Thank you for appearing here and assuming the position, we welcome you back to beat you up again at our convenience, 'cause, y'know, we have nothing better to do.

  11. Did anyone else misread... by wayward_bruce · · Score: 3, Funny

    Many in the security industry praised him as a smart pick, [...]

    Did anyone else misread this as "smart prick"?

  12. Expect many new ISO standards .. by Anonymous Coward · · Score: 3, Insightful

    I think choosing someone from a company that is STILL under DoJ supervision for questionable behaviour has a couple of unwanted implications, especially since this guy was at board level.

    It's only good news for foreign industrial espionage and botnet herders..

  13. Re:Try not to be too delusional. by daemonburrito · · Score: 3, Interesting

    [...] just because this guy worked for Microsoft doesn't mean he lacks intelligence.

    No, but it does mean that he was part of the team fighting US-CERT for months over autorun, at least. He likely helped resist an effort by a division of the department he is to head to fix a security problem that was so bad, they felt it endangered national security.

  14. If Obama were serious about his duty by Jane+Q.+Public · · Score: 4, Insightful

    then he would be hiring Bruce Schneier for this job. I know he is disliked by a lot of industry but he is the man with the facts and the plan.

  15. Re:Try not to be too delusional. by jaredmauch · · Score: 2, Interesting

    A sad note on the autorun activity. The challenges US-CERT has are complex as they have little ability to enforce sane standards and are just as the name says a response team. Once you formulate a response, someone has to execute it, and the federal government is one of the largest enterprises out there, certainly if you include all the contractors as well. It will be interesting to see if there is a shift away from bah to career feds.

    At the same time, everyone makes mistakes and Phil has always shown himself to be a person who generally "gets it" compared to others I've bumped into at GLB. The same is true for any org, fed or not.

  16. Re:Try not to be too delusional. by daemonburrito · · Score: 4, Interesting

    I don't know. Even if he just did nothing to stop Microsoft's resistance it would be bad.

    If guys from CERT called me and said, "Hey, could you make the Autorun and NoDriveTypeAutorun registry values actually do something? We're worried about this 10 million strong botnet," I'd probably comply. The reality was even worse; Microsoft wrote instructions for users to mitigate the problem which they knew were not effective.

    The last thing I would do would be to start a PR war, which they did only to save face about something that has been criticized for over a decade. It's amazing... some slight marketing concern overrode what they were told was a matter of national security.

    Funny... the Wikipedia page on autorun was just stealth edited to remove all mention of the problem.

  17. Re:Microsoft and Security in the same sentence? by Lumpy · · Score: 4, Insightful

    Why do you people think that the next new guy will be any different than the last one? I don't care WHO is elected. If they are Democrat or Republican, they will cater to their interests first and do the right thing last.

    MSFT funded a lot of his campaign. This is paying them back by appointing one of their executives, or they use their buddies.
    This happens every change of power.

    I just get a royal kick out of all the "WOO CHANGE!" people all sitting in their chairs sober now with their mouth open at the TV sets staring in disbelief.

    The only advantage is that this time our president is actually educated and articulate.

    --
    Do not look at laser with remaining good eye.
  18. Re:Microsoft and Security in the same sentence? by Anonymous Coward · · Score: 4, Insightful

    The only advantage is that this time our president gives great speeches from a teleprompter.

    There... fixed that for you.

  19. Re:There May Be An Upside by maxume · · Score: 2, Insightful

    Things that you occasionally compromise are generally called preferences.

    --
    Nerd rage is the funniest rage.
  20. Alas no by Mateo_LeFou · · Score: 3, Insightful

    The term might not be used as often, but the concept is alive and well

    "the new chips will 'block unauthorized access to the frame buffer.' ...

    There is a short list of parties who will be unauthorized to access your frame buffer: You. There is a long list of parties who are authorized to access your frame buffer, and that list includes Microsoft, Apple, AMD, Intel, ATI, NVidia, Sony Pictures, Paramount, HBO, CBS, Macrovision, and all other content owners and enablers that want your machine to themselves whenever you're watching, listening to, reading, or shooting monsters with their products."

    http://www.infoworld.com/article/07/03/28/14OPcurve_1.html

    --
    My turnips listen for the soft cry of your love