Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Jeff Moss Sworn Into Homeland Security Advisory Council

Posted by Soulskill on from the different-kind-of-expertise dept.

Wolfgang Kandek writes "Hacker Jeff Moss, founder of computer security conferences DEFCON and Black Hat, has been sworn in as one of the new members of the Homeland Security Advisory Council (HSAC) of the DHS. Moss, who goes by the handle 'the Dark Tangent' says he was surprised to be asked to join the council and that he was nominated to bring an 'outside perspective' to its meetings. He said, 'I know there is a new-found emphasis on cybersecurity, and they're looking to diversify the members and to have alternative viewpoints. I think they needed a skeptical outsider's view because that has been missing.'"

11 of 139 comments (clear)

  1. DC = suits = Borg by h00manist · · Score: 5, Insightful

    Either he resigns in disgust or becomes assimilated.

    --
    Build your own energy sources from scratch. http://otherpower.com/
    1. Re:DC = suits = Borg by cromar · · Score: 5, Interesting

      It's better than hackers not having any voice in government. I commend him. If he is able to turn around even one asinine governmental security policy, it's a step forward at least. Who knows? Maybe the US government will come to recognize us as the valuable resource we are because of our intimate knowledge of the systems that make up the modern world. Maybe hell will freeze over, pigs will fly, and the cows will come home. Well we can hope anyway!

  2. Good luck with that, Jeff by Jawn98685 · · Score: 5, Insightful

    Seriously. I have no doubt that Jeff has the chops and the "perspective" that has definitely been "missing". I watched the eyes of Richard Clarke and his entourage glaze over at a "town hall" meeting with the "President's Critical Infrastructure Protection Board" (or whatever they called it then) in Portland about 8 or 9 years ago, as some very smart security folks told them what was coming and what needed to be done. Honestly, I don't know if they just couldn't grasp the issues or if they were more interested in political play, but the message was quite plain; "the government" was going to be no help in securing things. Political inertia being what it is, I doubt that much as changed, the current administration's well-meaning efforts notwithstanding. Jeff is in for a frustrating ride, I fear.

    1. Re:Good luck with that, Jeff by MeatBag+PussRocket · · Score: 5, Interesting

      perhaps... just perhaps his background (read: _not a stuffed shirt_ ) will allow him to say "look, this is a problem and if you dont realise it you're an idiot and these are the very real consequences" hes not beholden to any voter or company and has no political baggage. if the sky is falling he can definily say it is without worrying about constituents or political parties

      --
      i wage a holy war against the apostrophe.
    2. Re:Good luck with that, Jeff by malkavian · · Score: 5, Interesting

      He may employ a similar tactic to the one I use when I have to deal with people above me in political clout on issues of a technical nature
      Rather than play their game, I simply produce a highly condensed set of the major risks that would be caused if the activity I recommend does not take place, then wander round to whoever it is that's trying to hold it all up/derail it, and get them to sign at the bottom of the page (has to fit on one side of paper) saying they agree that the risk is all on their own head and that they accept it entirely be not performing the activity.
      You then leave with a signature, or the support for the activity. You'd be surprised by how many people don't even try to understand the matter until their head is on the block for it. The pen is truly mightier than the sword sometimes.
      If they don't sign, they lose a lot of respect for trying to dodge the matter.

    3. Re:Good luck with that, Jeff by The+Dark+Tangent · · Score: 5, Informative

      Thanks for the encouragement! I serve at the pleasure of the Secretary, and will do my best to give the HSAC and her the information and opinions I think are necessary to make informed and non-lame decisions. The rest will be up to the powers that be. Like someone said in another post, I have no horse in this race. I'll try to make a positive change and if I feel I can't because I am the wrong person for the job then I'll step aside for someone who can.

  3. Re:Maybe Jeff can explain this by Ant+P. · · Score: 5, Funny

    Could a slashdotter post some "simple to understand code" that produces output I cannot reverse engineer?

    function f(int x) { return x/x; }
    Find the original value of x, when given f(x) == 1. To get you started, x is not 3853, 178470 or -8956583566.

  4. Re:Maybe Jeff can explain this by osu-neko · · Score: 5, Informative

    I see a number of people have answered, but none have giving a simple and straightforward explanation to what's wrong with your question.

    Simply put: Unix does not store your password. If you've been told Unix stores your password encrypted somewhere, someone was glossing over the details to the point of making false statements. People can't reverse the process of decrypting your password because your password isn't stored there to begin with.

    If you want to know what is actually stored, follow the previous advice about looking up hashing algorithms. Quick a dirty answer: when you first type in your password, a hashing algorithm is run over it and a hash code is produced, which is stored. When it prompts anyone for your password, it doesn't know the correct answer, but whatever answer anyone gives, it runs through the same hashing algorithm and sees if it produces the same result. The odds of two different strings producing the same hash result vary with the algorithm but it can be something like 1 in 2^160.

    But the short answer is, your password cannot be decrypted because it wasn't encrypted and stored to begin with. There's nothing to decrypt.

    --
    "Convictions are more dangerous enemies of truth than lies."
  5. Re:More change for the US by Anonymous Coward · · Score: 5, Insightful

    I don't think the jury is still out on intelligent, at least. He did go to an ivy league school, and his daddy wasn't in politics, or rich. He also didn't just barely scrape by with C's, he graduated with honors. Oh, and then he's written his own books (as opposed to authorizing other people to write them, like most politicians). You could argue that the jury is still out on "different" and even "competent" but I don't think you could seriously make an argument that he isn't intelligent.

  6. Not quite by WilliamBaughman · · Score: 5, Insightful

    I'll take the bait. The phrase "poacher turned gamekeeper" refers to someone who now protects the interests they previously attacked. Jeff Moss never (in public knowledge) attacked the security of the United States. He has exposed weaknesses in various security systems, but that's often considered helpful. It would be more like a naturalist with a BA in Criminal Justice turned gamekeeper.

  7. Mitnick and Lamo think otherwise by It's+the+tripnaut! · · Score: 5, Interesting

    Kevin Mitnick and Adrian Lamo do not seem to like the idea of Moss getting the nod. Mitnick prefers Bruce Schneier while Lamo believes Moss is a suit, "the reality is he's as corporate as hiring someone out of Microsoft."

    I wonder what the reaction in the tech community would have been had the 2 above gotten the call instead.