Slashdot Mirror
Department of Homeland Security Wants Nerds For a New "Cyber Reserve'"
pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"
you cannot commandeer /.!
have you seen my sig? there are many others like it but none that are the same
You know they are jealous of Best Buy and wanted to call this the Geek Squad.
Learning HOW to think is more important than learning WHAT to think.
give the prevalence of H1B immigrants and the fact that most aren't staying in the country (better digs back home) does America have any hope of hanging onto a competitive edge? Not that it matters much for the guys at the top (they're global, they don't think about little stuff like countries anymore), but for little 'ole me stuck here in the good 'ole US of A it's a worry.
And if you think I'm exaggerating, you either aren't working in tech or you're not paying attention.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Or rounding up?
[puts on tinfoil hat]
Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house. I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.
Once again, the clueless people in high places prove they don't understand. Attaching "cyber", "e", "online" or even "with a computer" to something does NOT make it a new threat. And "Cyber Pearl Harbor"? Gimme a damn break. There is no need to try and compare unlawful access to a computer system by a foreign entity to an attack that killed thousands of people and drew the US into one of the bloodiest conflicts in human history.
Espionage is espionage, regardless of wether it's someone sneaking documents out of a building or tapping into someone's computer system. Just because something happens on a computer does not automatically make it a new class of crime for which there must be an immediate expenditure of untold sums of taxpayer money.
So please, governments....stop with the crap already...
"So after all this, you make my case for me. To end this stalemate, you must die..."
I can't help thinking we'd be better off sending our very worst programmers overseas instead. If you really are a computing screw up, the kind of guy that turns a "hello world" into an infinite loop, your truly are an asset to this nation and we'll gladly sponsor your job application to iran or north korea. Problem solved.
well then it's time for the people in charge of this, who were probably the lawyer/prep/ivy league have-it-alls in highschool, to get over their cliquish demands for irrelevant shit like dresscode conformity, good looks, superficial pop culture interests, and top tier athleticism if they want the very best technologists. Of course, if these assholes had learned anything since high school, they'd realize calling anything 'cyber' or 'virtual' scares away the people they're trying to bring in before they even start.
Sorry leon, /b/ still is not your personal army
Snowden and Manning are heroes.
for Frito-Lays. Unbelievable.
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
If that were true, it would have already happened by now. I mean, wtf are the US's enemies waiting for?
Here's what someone said back in 1998:
Excuse me if I can't take the government seriously about preventing a cyber "Pearl Harbor". What'll happen is that there will be some attack w
That's a tough one, but I'll take a shot..
You all know how the rest goes...
“He’s not deformed, he’s just drunk!”
Why would you hire an expert computer hacker/programmer/systems guy/girl if they can get paid 3x the amount working in a private company?
If you want to create an elite set of 'ubergeeks' you need to pay them a lot of money, allow them to work in jeans and tshirts, endless supply of mountain dew and snacks.
Or otherwise work for Google.
The price is always right if someone else is paying.
I put on my robe and wizard hat.
Yes I'm sure that Network Security
Specialists enjoy anything related to the word
CYBER, it is like the New Wave era of
HACKING (not to be confused with
cracking)... or something like that
How much does it pay,
How long until I qualify for a pension, and
Do I get to hack other countries for fun and profit without worrying about legal repercussions?
(Hey, the SCADA hacks on Iran sound like pure geek porn. Don't lie, you all wish you could have done that without fear of the MIBs showing up at your door to ship you off to Gitmo!)
Oh, and most important - I want a guarantee, in writing, notarized, and reviewed by my lawyer, that they won't ship me off to die in some foreign sandbox (no tech-pun intended) when they need sacrificial grunts for the next blood-for-oil charade.
...just hook me up with some of them Colombian hookers the Secret Service has been recruiting for their Randy Reserves.
I swear to God...I swear to God! That is NOT how you treat your human!
It could be a hard sell, but if Samuel L. Jackson called, I'm sure people would join. Of course, Anonymous would have to kill the Phil Coulson of nerds first.
"There was an idea to bring together a group of remarkable people, so when we needed them, they could fight the battles that we never could... "
This whole thing is useless, and counter intuitive.
Essentially, government is going "ZOMG! We have (t)error(ist)s causing problems in our networks causing mayhem and loss of our priviledged informations!" And instead of going "hmm.. maybe we should audit our standards and practices, and actually hire people who know what they are doing...", they instead proclaim "we must create a new branch of the armed forces to be responsible for our existing and unwieldy information infrastructure! We'l call it "cyber something-or-other'!"
This is 100% wrong.
The problem, --and the reason for all the security breaches--, is twofold.
1) we bend over backwards to perpetuate an inefficient intelligence and information handling infrastructure, with all kinds of protocols, and exceptions to rules that essentially (and are created precisely to) create "gyres" where information piles up, gets forgotten about, neglected, and buried. This allows people to hide information. Inject false information. For information to be lost when it could be essential. All kinds of problems. We do this because fixing the problem would expose people (and responsibility is bad, mkay), and would threaten established hegemonies.
2) the creation of this new organisation will only serve as a scapegoat for when things *will* go wrong because of #1. This will only create disgruntled IT people. If govt doesn't comprehend why that is bad, they deserve what they get.
3) the creation of a publicly exposed group causes anxiety in other countries, causing escallation of military backed network infiltrations and abuses of the global public commons that is the internet. It does not discourage this behavior.
Really, the whole idea is stupid.
What they should *really* be doing is improving the NSA to deal with offensive infiltrations (they are already good at it.), and completely restructure their data retention and data handling protocols in a fully comprehensive (with no sacred cows) manner, while hiring competent people to manage their infrastructure.
But that would fucking make sense.
I am getting very paranoid about the excessive paranoia that pervades much of the so-called free world - particular the USA. Is this merely a quest to discover a more profitable business model to supplant the arms and scanner technology (and debt) that seems to be the only exports the USA has these days?
All they have to do is say "we'll train you" and they'll have all the recruits they could ever want and then some.
Hell, got that with standard ad driven malware... Cyber Pearl Harbor? Huh!!! Just got done talking with my TSCC cleared father about nuke munitions being decomissioned, U/Pu reprocessed for use in nuke power plants after we went and pissed off the rest of the planet oil questing, pure friggin genius... Me thinks we have larger issues on the horizon, but it is true, security in computing has been so long overlooked it does need attention in the form of education of the masses, but not as such to compare with 12/7/1941, we did have radar at that point, just didn't know how to use it...
Look she spouted a lot of garbage about 'cyber-geddon' and it was torn apart by geeks pointing out that hacking a web page of a power station with its 10 visitors a day, is not synonymous with attacking the power station, and that the fix for these problems is to keep critical stuff on private network links.
So they hire a few geeks who will talk sh1t to attack the real enemy, us and our plain talking common sense! The War on Common Sense!
I noticed that the Russian Hacker, Georgia revealed a few days ago, was a sad man living in a crappy room, not a soldier in a military uniform surround by War Game screens. They are just a pest, and for Georgia it should have patched its servers and locked down its logins, even for the government websites so he couldn't deface them.
If you have a problem, you fix the problem, you don't declare war on it.
New Pearl Harbor is a melodramatic pre-imagining of the teenage attack on U.S. power-grids and the subsequent DooAlittleMoreThanNecessary Raid. While not directed by Michael Bay, fans of his in the CIA have collaborated with the makers of Innocence of Muslims and Rupert Murdoch in this captivating mind-wrenching sequel.
"When you see the part where Leonardo DiCaprio telnets into the Pentagon and sends drones to Moldova, you'll shit your pants!" -- Sock Puppet Reviews
"If you told me Justin Bieber could've played such a convincing hacker, I'd have laughed in your face" -- Hillary Clinton
"It brought tears to my eyes, and I was a POW." -- J. McCain
"Thank Yahweh for benzodiazepines! " -- Janet Napolitano (Eight-Time Mother of the Year Award Winner)
"You'll need your Mountain Dew for this one!" -- Anonymous
*Partially plagiarized from wikipedia.
Forward! -- Emperor Norton, 2012
Didn't we all get into technology for the meetings, the red tape, the bureaucracy, the TPS reports, the PHBs (pointy haired bosses)
In no particular order, the Heroes at Homeland Security will clap the leg-irons onto all their tame geeks, will lock down every box, will firewall every internal network, will take away every admin priv, will assign a "handler" to every geek with veto authority on every mouse click. And then? Of course the token techies will be crucified for not being able to use their non-existent resources to defend Wal-Mart from the script kiddies
They're looking for scapegoats my friends, don't fall for it
Do we get Scott Bakula as commander of NetForce?
they want tame nerds who agree with the USA's current luddite anti-technology crusade and will uphold things like plainly idiotic copyright monopoly law and endless censorship. They ain't gonna get the best and brightest until there's some regime change at the top.
How are the Japanese going to fly virtual planes into virtual harbors to cause real damage?
We're in real trouble if the DHS is 'on top of' the cyber war response. These guys will probably electrocute 20 men each trying to give the same PC a handjob "for information leading to a terririst!!!!" ;]
The DHS represents all the things Americans most despise about our own country: The invasion of privacy, the waste, the abuse of power, the incredible frauds, the xenophobia, our quickening slide toward fascism. Who would want to be in any way associated with this agency?
They're not interested in your best interests
The Federal Cyber Reserve? Oh no, that would imply it's not actually ran by the government.
The DHS is the worst idea to come out of Washington and that's a town that's pretty much only ever generated bad ideas. I'd rather be waterboarded than lift a finger to suport that particular government agency.
"My God...it's full of trolls!"
...TIMES A THOUSAND.
That way we can secure the whole country. Makes sense huh?
"The SCADA security holes have only recently come to the attention of the industry. I can assure you that there's a giant collective brick being shat over it but fixing this stuff takes time."
Rubbish.
What DHS is doing talking and what you also did was this:
a) Talking about SCADA system vulnerabilities and mentioning STUXNET as evidence of it (and not mentioning that it had to be introduced by a spy inside the plant and not internet facing)
b) Talking up cyber intrusions on web servers (which are internet facing).
c) Conflating the two as if they are both cyber attacks and thus the man attacking the web server can attack the SCADA system because they're both 'cyber'.
SCADA systems as NOT mostly on the internet with open logins, that's a fooking lie. This problem has been known from the start and the technicians who put these systems in are no idiots who've only just found out there may be a problem.
The problem here is the misinformation from the DHS to pump its own budget.
All right maggot, fallout! Colonel Homestarrunner is recruiting the most elite team of crack commandos to invade Strongbadia. Do you has what it takes to join the Homestarmy? Will you bring a sack lunch and some orange slices for me and serve your country? WILL YOU STUPID!?
Well.
I can say for one that I do not want to be a "comfort woman" for the DHS or its minions which is more in line with their 'guiding' ethos and principles. :(
private company's are the ones with poor security and some has to do with cut backs and other PHB driven stuff.
Like PHB buying stuff on the golf course with out getting tech people there to do a look over.
Staff cut backs that leads to people being over worked / not have the time to do security right.
Old hardware / software that forced them to use systems full of security holes.
outsourcing / 3rd party's techs that can have lot's of trun over / overhead and propel who don't know whats going on. There is this on BIG bank that uses them and they don't even get a company ID to use when they show up at the bank branch to do work. And there systems use USB ports as well.
NON tech mangers running IT does not help as well.
up till your called in and end up on a year long project and then what happens when you go back to your job??? The law says they can't do anything but you may have to stand up for your rights.
Just like fixing the IRS or FBI computers, the people most qualified to do so, with the skills and experience needed, are the last people that want anything to do with it. This initiative will fail.
The problem with cyberwar attacks, is that the developer always becomes a loose end in terms of attribution
I write an exploit, and .mil use it to exploit some powerplant software and cause a nuclear meltdown,
(referred to as "kinetic impact") killing hundreds of thousands of innocent people.
I am now one of the few who can identify my country definitively as the aggressor.
Purely from a risk management perspective, it would be foolish not to kill me to keep me quiet.
So called Cyberwar is going to be risky business for the geeks, play by all means, just make sure you get life insurance and proper hazard pay.
to bad PS2 ports are going away now there should be some kind of NEW PC's (yes that means dells, HP's, ECT) with PS/2 ports or even a pci / pci-e PS2 card.
So you can have a secure pc system that does not have USB or has USB that is 100% off.
the power grid needs to link all the plans and substations to each other so they can control all the switches on the lines.
You don't defend computers with a standing army. You defend them by not being an idiot and taking proper measures to protect your shit. That's never going to happen in the Corporate States of America.
Hitler and the motherland....
I've been out of work since you flunked my clearance.
You've still got my number.
But I don't have a car anymore.
Capability Based Security can make our systems secure. The Unix security model was optimum for CS labs in the 1970s... but it clearly isn't suitable for mobile code in a network of 1,000,000,000+ hosts.
Only give a piece of code the resources it needs to do it's job, and it can't take the world with it.
Your intellectual inertia biases you against change... it's time to grow up and really think about this.
Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?
If they need to be connected to a network, make it a private network and most of these issues go away.
There is no sane reason that these networks and these facilities should not be air-gapped from the internet at large. There are ways around the air-gap (stuxnet), but even these are trivial to prevent by not allowing random USB keys from outside by gluing the port closed and/or securing the hardware properly, and/or beating anyone stupid enough to do this with a stick.
It's not nuclear science or anything, it's just common sense.
You could join and sabotage them though.
This sounds like one of those dastardly devious plots by that well-known terrorist group. I'm on to your evil schemes. You can't fool me with yo*^%(*
Error 302 Seditious activity; redirecting...
From a person that doesn't do email. Truly, truly incredible.
I know this will ruin my Karma, and... I have never used this language in a public forum in my life, but, it's warranted...
Not only "no," but "HELL NO!" you Hitlarian Fascist bitch.
http://www.nationaldefensemagazine.org/archive/2011/August/PublishingImages/Cyber_UncleSam.jpg
...circus music. Where is it coming from?
Every day they will have to get up at sunrise and type 10,000 words
I would be far more afraid of a Cyber Perl Harbor.
"Why don't y'all take that badge and shove it up your ass. All up in your ass." I'm American.
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
Ready to assist, make check payable to me.
Got Code?
Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?
You mean you don't detect when your power station has been hacked by seeing whether the generators have unfriended you?
"Little does he know, but there is no 'I' in 'Idiot'!"
Want hackers working for you? Change the law so that ponting out a security hole doesn't land the guy in jail. Suddenly, the majority of 'cyberterrorists' will be working for you.
No thanks, I have no interest in doing free work for big corporations who can't bother to pay security professionals to secure their networks in the first place. Some days being an American isn't much fun.
It's in all the contracts. I didn't do the job I was trained for in the Army until two years after I got in.
Does that website actually use tables? maybe one of the first "1337 skilz" they get should be someone that knows how to use something newer than frontpage 2000 and knows better than to put an unobfuscated email addresses like infragardteam@infragard.org as a contact link.... unless this is a honeypot those poor bastards are going to get a serious introduction to spam. How clueless.
Get a web developer
.
Those are two phrases that parse out to the same functional content. It's like a breach of contract, even if they add on extra money ex post facto. Signing up for something which is supposed to be for period x and then having it involuntarily exchanged for period y, where $y\gtx$ (y is greater than x). I don't know if you see the non-difference between "involuntarily extended" and "forced to re-up": my opinion is that you'd have to concede that there is no functional difference.
and that project turns out to be based in a bunker in the desert because it's not safe to do it over the internet
Korma: Good
This.
Korma: Good
The linked article seems to be a retooling of this article from Reuters. It seems that DHS is considering setting up this program, it's not actually in place yet.
If you haven't already added yourself to the list you don't deserve to be a part of it
al qaeda, etc being (admittedly far) worse doesn't exonerate dhs - there are absolutely an enemy (though far from only) of us citizens.
I don't think most "sane"/reasonable people question that there are circumstances that warrant extra-constutional powers (curfews following sandy/katrina, immediate days after 9/11, etc) but use of such power must be subject to extraordinary scrutiny & a high burden of proof placed upon those who wield it. in contrast, what dhs has done is wield this power like a bullied child who found their parent's gun. the law may in theory limit their powers & rules of engagement but in practice they do whatever they want regardless of (in)effectiveness without anything resembling fear of consequences & can (& do) simply abuse said power to make examples of those who dare even question them (much less actually resist/assert rights).
all that said, they are admittedly a necessary evil but they are an evil. the point being they could be just as effective for mountains of less $ while showing a lot more respect to citizens & the bill of rights. until/unless they do so I for one see no reason to assist them...
In the UK DHS are a company best known for having continuous "hurry! must end Monday!" bed sales.
It makes it hard to read US stories about spying without giggling.
To have a right to do a thing is not at all the same as to be right in doing it
Excuse me if I don't take Senator Tubes seriously.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Make certain that these "reservists" do not have the pedigree to bolt should these "go bad".
Ethnic !=talent, unless one is in the PRIVATE sector; it's the DOCILITY factor.
What drove Panetta to summon one of the most notorious acts of war on American soil is the persistence of Iranian hackers, who have waged repeated cyber attacks on American financial institutions and who recently dropped a nasty virus on Saudi Aramco, the world’s largest oil producer.
First WE fired the first shots in this war with STUNXNET and flame. Anyone or country has a right to self-defense. How not to get shot at? Don't fire the first shot! THEN YOU! have the right to self defense.
Second who recently dropped a nasty virus on Saudi Aramco Saudi Arabia is not a State in the US so let the Saudi's defend themselves in this. They have plenty of money to hire their own. Better yet let them train their own people and let them do the job. Oh yea Saudis don't have to work.
Computer savvy terrorists could burrow their way into systems that control vital U.S. infrastructure and do something crazy like derail a passenger train or shut down a power plant. “These attacks mark a significant escalation of the cyber threat,” Panetta said.
If a power plant, train, or water supply does get hit it is the fault of who every design the system if it can be accessed by the public net. AIR GAP! Such a simple low cost method of protecting a network.
Over the last few months I have gotten a lot of calls wanting me to work in cyberwarfare Its strange that they don't understand that I see them as the emeny not Iran. I sure that not all this so called cyberwar stuff is directed at Iran but a large part of it is directed towards us..... WE THE PEOPLE.
Be afraid.... Be very afraid.
Unfortunately for the homeland security despots, most of the world does not live in the United States. Most everything technological is made in China, and if you do some checking you will find that the US is not the innovator that it thinks it is. Surprisingly, the US has never been much of an innovator. The US's talent has always been commercialisation rather than innovation. Since other nations are stepping into the vacuum left by the imploding US economy, I think we approach an economic cusp after which the US will rapidly decline in global significance. It will be interesting to see how things lie when the balance of power shifts. Our own government, which has spent the last thirty years ass-kissing the US, has lately been busy abandoning what they too seem to regard as a sinking ship.