Slashdot Mirror


Department of Homeland Security Wants Nerds For a New "Cyber Reserve"

pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"


  1. NO! by ganjadude · · Score: 4, Funny

    you cannot commandeer /.!

    --
    have you seen my sig? there are many others like it but none that are the same
    1. Re:NO! by ColdWetDog · · Score: 5, Funny

      Maybe not but if they handed out T-shirts, geeks would be all over it.

      --
      Faster! Faster! Faster would be better!
    2. Re:NO! by c0lo · · Score: 2

      you cannot commandeer /.!

      Warmly recommend DHS to try at 4chan: recruit them young, you know! (grin)

      --
      Questions raise, answers kill. Raise questions to stay alive.
    3. Re:NO! by AK Marc · · Score: 2

      Chee-toes and Mountain Dew, damnit. Or does that show my age?

    4. Re:NO! by Anonymous Coward · · Score: 2, Insightful

      It shows you have better taste than all them kids these days, with their colorful bovine

    5. Re:NO! by Impy the Impiuos Imp · · Score: 2

      Yes they can. How exciting!

      It'll be just like this!

      Well, except for the friends, party, and wife.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  2. Cyber Reserve? by chill · · Score: 5, Funny

    You know they are jealous of Best Buy and wanted to call this the Geek Squad.

    --
    Learning HOW to think is more important than learning WHAT to think.
    1. Re:Cyber Reserve? by siddesu · · Score: 5, Funny

      You may laugh, but I already applied. Try to beat the photo on my resume. http://www.chaosscenario.com/photos/uncategorized/2007/06/27/internet.jpg

    2. Re:Cyber Reserve? by Warhawke · · Score: 4, Funny

      I figured Cyber Men would be a better name for an extended army of...

      Oh.

    3. Re:Cyber Reserve? by tehcyder · · Score: 3, Funny

      Cyber!

      a/s/l?

      --
      To have a right to do a thing is not at all the same as to be right in doing it
  3. You know I've been wondering about this.... by rsilvergun · · Score: 5, Insightful

    Given the prevalence of H1B immigrants and the fact that most aren't staying in the country (better digs back home) does America have any hope of hanging onto a competitive edge? Not that it matters much for the guys at the top (they're global, they don't think about little stuff like countries anymore), but for little 'ole me stuck here in the good 'ole US of A it's a worry.

    And if you think I'm exaggerating, you either aren't working in tech or you're not paying attention.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    1. Re:You know I've been wondering about this.... by rsilvergun · · Score: 3, Insightful

      No, I'm saying how are we supposed to build up any know-how and skill in this country if all we do is ship in cheap labor and ship it out. For the record though I've got nothing against stealing the world's best and brightest. We did it in WWII with the Nazis and it worked out great (rockets, atomic bomb, etc). OTOH, I do wish we'd stop shipping in entry level programming positions. You will never convince me there's a shortage of VB programmers :P.

      --
      Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    2. Re:You know I've been wondering about this.... by Anonymous Coward · · Score: 2

      You are right, there is not a shortage of VB programmers. There are plenty of 40 year old guys that claim they have 25 years experience in software development and want >$100k. Unfortunately, 99.9% of them turn out to hardly know how to operate a computer effectively, much less write software for it.

      There is, indeed, a shortage. I have spent my whole career in IT involved in, or responsible for hiring team members and we frequently spend months looking for a person (and then end up compromising).

      All of these 'unemployed' American software engineers are Excel jockeys, or at best operations engineers with hobbyist level dev skills.

    3. Re:You know I've been wondering about this.... by AHuxley · · Score: 2

      Depends on the competitive edge they want.
      The USA usually finds just the people they need for any role.
      NSA, CIA, DIA know where to find people, get them into crypto, make life more easy as they move up the advanced math ranks.... or trade tracer fire during peace time in distant lands.
      The TSA found its people in other parts of the US and even the tame US press seems to have to report on the lack of basic background reports on staff, missing items... but they had the 'hands' on skills needed...
      So what does the DHS really want? The UK seems to offer a hint http://www.independent.co.uk/life-style/gadgets-and-tech/news/xbox-geeks-to-become-cyber-spies-8217352.html
      Security forces around the world want youth, the slang, the lifestyle and the look of 'average'.
      It's no good dropping a 6ft, battleground tanned, fit, healthy 'agent' in an "irc" room full of overweight coders with skin problems, rich parents, top computer games and their own view on the world forged by 6 years of free French at a top US university.
      The ability to guide the press by day and do a night raid (death squad) is of no use back on the home front.
      The ability to "man flirt" about rich parents, life at a top US university, seeking out distilleries, unique local beer...for 6 months and some day guide cyber protests ....
      This is just another Counterintelligence Program - welcome to the world of minority rights, animal rights, save the earth.... all your chatrooms, forums, blogs, web 2.0 are about to get some quality infiltration by people who can sit back and be one of "you" for 1 or 25 years.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:You know I've been wondering about this.... by node159 · · Score: 3, Insightful

      There is hardly ever a shortage of skills at such a geographically large scale, rather there is a shortage of candidates willing to work at the offered rate. If there really was a true shortage, as with all supply and demand scenarios one would see a significant rise in pay rates across the sector, which has not happened.

      --
      GPLv2: I want my rights, I want my phone call! DRM: What use is a phone call, if you are unable to speak?
    5. Re:You know I've been wondering about this.... by hackula · · Score: 2

      There is a shortage of experienced cream of the crop programmers... go figure. Personally, I love working in an industry where there is a shortage. I get to work wherever the hell I want for (almost) any company I want (or for myself), and for just about whatever pay I want (depending on my current tolerance for shit). People are more than welcome to go the H1B1 route or the shit-VB "programmer" route; either way they will get poor results. I work with programmers all over the world, and I can tell you that there are awesome quality devs outside the US and Western Europe... but they cost the same or more as their US equivalents, and are about as rare. Decent programmers are simply hard to come by. It is a mentally challenging job that 99% of people could never do and the remaining .9% cannot do any better than the bare minimum. Wait and get a good dev for 140k, and watch him mop the floor with the 5 man team at 40k each. It's just economics: pay more than your competitors, don't be a masochistic boss, and let people feel they are making a difference; you will have the best devs knocking down your door to work for you. See Fog Creek for a perfect example.

  4. Assembling? by The Grim Reefer · · Score: 5, Funny

    Or rounding up?

    [puts on tinfoil hat]

    1. Re:Assembling? by reboot246 · · Score: 4, Interesting

      Many would say that working for DHS would be working for the enemy. They are quite good at terrorizing U.S. citizens.

  5. If it worked like the Army reserve, I'd be in. by jerpyro · · Score: 4, Interesting

    Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house. I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.

    1. Re:If it worked like the Army reserve, I'd be in. by girlinatrainingbra · · Score: 5, Informative
      re: If it worked like the Army reserve, I'd be in. Think about it, you participate one weekend a month for ,,,

      .

      You do know that :

      -- quite a few of the reserves are actually deployed at the present;

      --a lot of the National Guard is called out and deployed at the present;

      -- a lot of people who have finished their tours are told that they must re-up.

      .

      Even if they are not deployed overseas, they are often activated to take the place on base of combat troops who are deployed overseas. So if you're part of the Ready Reserve, be ready to be deployed at any time of need. Not that there's anything wrong with that. Just know about that ahead of time.

    2. Re:If it worked like the Army reserve, I'd be in. by stephanruby · · Score: 4, Informative

      I'd be in for that, especially if it (being those projects) could be done as moonlighting outside my regular job. That doesn't sound so bad.

      If they actually pay you for it, I doubt they'd let you do it at home.

      Think about it, you participate one weekend a month for sec training and preparedness drills, and take on a special project every once in a while, and get the military benefits without leaving your house.

      The US military is famous for switching job descriptions once people have entered their ranks.

      Many people want to be Air Force pilots for instance, so they sign up with the Air Force, but when they find that it's really too competitive to be a pilot, or they don't have the political connections to make that happen, it's too late already -- they've signed on the dotted line. The same goes for State Military Reserves, most thought they were committing themselves for a limited time duration of possibly doing disaster relief work, or at most that they might fight within the US in case it ever got attacked, not that they were going to fight in Iraq in a pre-emptive war, and nor did they know that their contracts could be changed indefinitely at will.

    3. Re:If it worked like the Army reserve, I'd be in. by stephanruby · · Score: 4, Interesting

      That's not switching the job description, I'm pretty sure you sign up to be in the Air Force, I'm pretty sure they won't promise you'll be a pilot or a sniper before you sign up (maybe that it's a possibility).

      Fine, disregard my Air Force example, but what about my Reservists example?

      That's like signing up to work at best buy and then saying they duped you when you don't become manager.

      This is true enough, may be not about Best Buy, I don't actually know that many people who dream of becoming Best Buy managers, but this does happen in other professions. For instance, in law firms, the carrot of becoming a partner usually gets bandied about for seven years, even if they know from the start that you'll never make the cut.

      And this is different from the military, because the military is not some law firm you can join one day, and then quit the next as their lies get revealed to you. If you ever join the Reserves, they'll own you from that point forward. It doesn't matter if you fulfilled your contract, and retired from the military. Current events have shown that it's far more palatable to the American public to back-draft reservists into the military than to enact a mandatory draft, or to pay them actual wages super high enough that would make them want to actually go back.

      Also, changing job description is not the only lie recruiters will tell you. See article below.

      [...]

      Last year, ABC News armed a group of high school students with hidden cameras and sent them into ten Army recruiting stations in New York, New Jersey and Connecticut, posing as potential applicants. Sadly, the Army failed this particular recruiting ethics test. More than half of the recruiters were caught on tape making what can only be kindly referred to as "misleading" statements. In other words, they lied.

      One recruiter was filmed telling the applicant that his chances of being deployed to Iraq or Afghanistan after basic training and job school were "slim to none." One recruiter bluntly stated that the Army wasn't sending people to Iraq anymore -- in fact, they were bringing them home. One simply said, "War? What war? The war ended years ago."

      Another recruit was told he could quit the Army anytime he wanted to, just by asking, under a "failure to adapt" discharge. (Hee, hee.....Go ahead. Tell your drill sergeant you want to quit. But, make sure you tell me in advance. I want to sell tickets.)

      [...]

      Top Ten Lies Told by Recruiters

    4. Re:If it worked like the Army reserve, I'd be in. by cold fjord · · Score: 2

      The relative number of reserve and National Guard active are not that large compared to the total reserve force. The current goal is no more than three or four deployments over the course of a career - assuming there is a need for that force level deployed to a war zone, which seems unlikely to me.

      Managing the Reserve Components as an Operational Force

      In January 2007, the Secretary of Defense established total force utilization guidelines that included the planning objective for involuntary mobilization of National Guard and Reserve units and individuals of a “one year mobilized to five years demobilized ratio.” This guideline does not mean that every Reserve member will serve one year out of every six years. . . .

      Many skills that are useful to the uniformed military are difficult to acquire through traditional accession policies, are challenging to obtain on short notice, or are only needed for a limited duration. These skills might include cutting edge, technical skills such as those possessed by engineers, scientists, or information technology professionals, as well as specialized skills such as languages and cultural understanding. Flexible affiliation options allow the Services to meet requirements with individuals who may be willing to volunteer for some form of military service for short periods of time or in response to specific emergencies, but for whom traditional affiliation programs are not of interest. Thus, removing barriers that limit Reserve members from contributing more to defense missions is an ongoing and necessary process.

      - - -

      -- a lot of people who have finished their tours are told that they must re-up

      I think you're confused. Service members were not told they must re-up, but rather some had their service period involuntarily extended by a "Stop Loss" order due to critical wartime need. Now some service members face the prospect of having their service period involuntarily shortened as the military has started shrinking again.

      Stop Loss Special Pay

      Stop loss provides a valuable and critical tool to quickly retain and generate forces to surge in a major conflict. However, as deployment schedules stabilize, the department must then adapt and minimize its use of stop loss. The secretary of defense announced in March a comprehensive plan to eliminate the current use of stop loss, while retaining the authority for future use under extraordinary circumstances.

      Army Stop Loss Special Pay
      Soldiers, veterans and survivors of those whose service was involuntarily extended under Stop Loss between September 11, 2001 and September 30, 2008 can apply to receive $500 for every month, or portion of a month, they served under Stop Loss.

      More soldiers will face prospect of early-outs

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
  6. Please, just stop... by FSWKU · · Score: 5, Interesting

    Once again, the clueless people in high places prove they don't understand. Attaching "cyber", "e", "online" or even "with a computer" to something does NOT make it a new threat. And "Cyber Pearl Harbor"? Gimme a damn break. There is no need to try and compare unlawful access to a computer system by a foreign entity to an attack that killed thousands of people and drew the US into one of the bloodiest conflicts in human history.

    Espionage is espionage, regardless of whether it's someone sneaking documents out of a building or tapping into someone's computer system. Just because something happens on a computer does not automatically make it a new class of crime for which there must be an immediate expenditure of untold sums of taxpayer money.

    So please, governments....stop with the crap already...

    --
    "So after all this, you make my case for me. To end this stalemate, you must die..."
    1. Re:Please, just stop... by Penurious Penguin · · Score: 3, Insightful

      I think they know this well enough, but their terminology is specifically targeted at the sort of people who consider the act of defacing a webpage serious hacking. What we really need is a GUI interface in Visual Basic to track the IPs of these terrible cyber-terrorists. That'd do it, mark my wurd.

      --
      Forward! -- Emperor Norton, 2012
    2. Re:Please, just stop... by Anonymous Coward · · Score: 5, Insightful

      But but but people connect their power plants and natural gas pumping stations to the internet because they wanted to post some updates on their facebook or do a foursquare checkin and they forgot their iPhone at home! Then when some worm gets into these control systems and causes problems (maybe even people could die), it is not because of action of some locals that hooked up critical systems to the internet. It will be "digital perl harbor"!!

      In politics it is not about rationality and common sense. It is about posers and perceptions. Hell, that's how we almost all died back in the engineered "Cuban missile crisis".

      So when some retards screw up a power grid, the result will be "how do we respond?!? war! WAR!", not "why were these systems on unprotected networks?".

      Times change, but our thought patterns seem to clearly remain back in the stone age. DHS just proves the point once again.

    3. Re:Please, just stop... by user32.ExitWindowsEx · · Score: 2

      Why would this hypothetical plant be connected to anything?
      If it has data connections to anything more than the other ends of the intake and outflow pipes the people who decided to include such connections should be charged with treason and shot.

      If it can be hacked via a genuinely-needed connection the people who made the hack possible should be charged with treason and shot.

      --
      "Evil will always triumph because good is dumb." -- Dark Helmet
    4. Re:Please, just stop... by flonker · · Score: 2

      Regardless of terminology, a massive attack on the virtual infrastructure is a different class of attack and requires a different class of defense. The term 'cyber Pearl Harbor' is ridiculous and disrespectful to those who were at the real Pearl Harbor. Also, DHS is probably the worst department to be in charge of, well, pretty much anything. The NSA would be a much better choice.

      With that said, I think it's not too bad of an idea once you realize what the proper response is to a massive attack on the entire Internet. Technical support. Calling up (or visiting in person) millions of users and sysadmins and walking them through the process of securing their systems. A phone call might not do it, because you can't flash a badge over the phone, so (rightfully) nobody would trust you.

      OTOH, targeted attacks such as "break into a wastewater treatment plant, use the SCADA controls to prematurely dump a tank of sewage into the clean water intake" mentioned by the AC, are yet another class of attack, and you don't need the extra manpower of a reserve force in order to deal with the technical fallout of such an action.

      And, of course, if someone were to find a new class of bug similar to SQL injection, wherein the only solution would be to update huge amounts of code all over the Internet, well, even a reserve force might not be enough to fix that kind of problem. Look at how long it took to resolve Y2K.

      Personally, I would consider signing up for this type of "cyber-reserve", but I would hesitate doing so under the DHS. Also, I wouldn't sign up unless I knew ahead of time what was expected of me, and that there would be no bait and switch.

    5. Re:Please, just stop... by zerro · · Score: 2

      Espionage != sabotage

      Look at the computers on the desk here:
      http://ronslog.typepad.com/ronslog/2008/05/eagle-mountain.html

      Any clues as to control over some of the SCADA systems here might do?

      in my best "say what again!" voice: Tell me it's not gonna cause problems!

    6. Re:Please, just stop... by niftydude · · Score: 2

      We're talking about China deciding that the USA needs to be taught a lesson.

      Why would China want to teach the USA a lesson? The Chinese already own most US debt.

      The only reason the US could be justifiably paranoid about what China can/can't do to them, is if the US intends to default on China, stop paying interest, and pre-emptively attack China to get out of the situation.

      --
      You can never know everything, and part of what you do know will always be wrong. Perhaps even the most important part.
    7. Re:Please, just stop... by SB9876 · · Score: 5, Informative

      Ummmmmmm...
      Have you just not been reading anything at all about the pervasive SCADA security holes that keep popping up everywhere? Hooking industrial control hardware to the internet to centralize monitoring, control and update has been a huge industry movement. Combine that with a mindset in the SCADA industry and end users that is much more focused on reliability than security and you get the equivalent of thousands of pieces of hardware on the internet with the security equivalent of a wireless router with the default admin account and password.

      The SCADA security holes have only recently come to the attention of the industry. I can assure you that there's a giant collective brick being shat over it but fixing this stuff takes time.

      And foaming at the mouth about honest mistakes isn't going to solve anything.

    8. Re:Please, just stop... by johnnick · · Score: 3, Informative

      >The bacteria that enter the drinking supply poisons a good portion of an entire city and thousands (if not tens of thousands) die.

      Because no one, not even the people there at the plant, notice that the sewage is going into the water, and no one notices that the water smells funny, etc., etc. NYC is dealing with something like this right now in the wake of hurricane Sandy. See http://www.huffingtonpost.com/2012/10/30/hurricane-sandy-sewage-toxic-_n_2046963.html.

      Killing people with computers is a LOT harder than killing them with kinetic weapons because, aside from people being monitored by computers in hospitals, most people aren't directly relying on the computers to keep them alive.

      The north eastern US suffered a major, multi-day blackout a few years ago. It did not bring the country to its knees. Similarly, regional weather events may shut down transit/business/etc., but people are moving to backup systems (e.g., walking/biking to work in the case of NYC) and dealing for the time it will take to bring the systems back online.

      Any cyber attack that could actually meaningfully harm the US would cross the line into casus belli and likely receive a kinetic response.

      It's possible that some kind of cyber attack could be used as a distraction or to syphon off resources while a kinetic attack takes place, but that's still assuming some other nation believes it is in their national interests to get into a shooting match with the US.

      Sen. Lieberman had an opinion piece in the NYT (http://www.nytimes.com/roomfordebate/2012/10/17/should-industry-face-more-cybersecurity-mandates/the-cyber-threat-is-real-and-must-be-stopped-by-business-and-government) supporting your position. Numerous real security professionals would disagree, from Bruce Schneier (http://www.schneier.com/blog/archives/2012/10/stoking_cyber_f.html) to people like Scot Terban (http://www.schneier.com/blog/archives/2012/10/stoking_cyber_f.html).

      --
      "The plural of anecdote is not data."
    9. Re:Please, just stop... by zerro · · Score: 2

      Of course there should be an air-gap on any plant system like this, and likely is...
      But then again there are things specifically targeted at jumping air-gaps.
      I don't think there are any "experts" who believe stuxnet/flame hit targets directly.

      I don't think these plants would have information security on par with nuclear power plants

      But hey what do I know!

      The preceding post brought to you by: Conjecture.

    10. Re:Please, just stop... by Absolutely.Geek · · Score: 4, Informative

      As someone who works with this stuff all the time, I feel I can say this with some degree of authority: if you connect your SCADA / PLC system DIRECTLY to an internet-connected PC, you should be drawn and quartered / keel hauled for pure stupidity.

      I have access to some of my customers sites remotely, all of them are through secure VPN then either RDP from the secure connection or in one case through citrix to the computer in question. If their IT dept can't sort out VPN security that is another issue entirely.

      When it comes to industrial gear stability is #1, #2, #3 and #4 on the list of priorities, and #5 is physical security, most plants that I have worked at are fenced and require you to go through a gate house of some sort before you can enter site, this is not because they are doing some super secret work it is for liability issues, if some retard sneaks onto the site and gets an arm ripped off because they put their hand in some bit of plant, the fines and paperwork would be hideous.

      Most computers on industrial sites will be running unpatched XP SP2, but it is ok because there should not be any internet connection to these machines. USB's should also be limited to trusted ones for backups.

      Ok rant over.....I could go on....

  7. Don't sign up the best, send away the worst by Anonymous Coward · · Score: 2, Funny

    I can't help thinking we'd be better off sending our very worst programmers overseas instead. If you really are a computing screw up, the kind of guy that turns a "hello world" into an infinite loop, you truly are an asset to this nation and we'll gladly sponsor your job application to Iran or North Korea. Problem solved.

  8. really? by epyT-R · · Score: 2

    Well then it's time for the people in charge of this, who were probably the lawyer/prep/ivy league have-it-alls in high school, to get over their cliquish demands for irrelevant shit like dresscode conformity, good looks, superficial pop culture interests, and top tier athleticism if they want the very best technologists. Of course, if these assholes had learned anything since high school, they'd realize calling anything 'cyber' or 'virtual' scares away the people they're trying to bring in before they even start.

  9. sorry leon by Lehk228 · · Score: 3, Funny

    Sorry leon, /b/ still is not your personal army

    --
    Snowden and Manning are heroes.
  10. Worried about cyber perl harbor? Give me a break. by Anonymous Coward · · Score: 3, Informative

    If that were true, it would have already happened by now. I mean, wtf are the US's enemies waiting for?

    Here's what someone said back in 1998:

    PREPARED STATEMENT OF SENATOR FRED THOMPSON
    CHAIRMAN

    COMMITTEE ON GOVERNMENTAL AFFAIRS

    MAY 19, 1998

    "WEAK COMPUTER SECURITY IN GOVERNMENT: IS THE PUBLIC AT RISK?"

    The Governmental Affairs Committee today is holding the first of a series of hearings on the security of federal computer systems. The potential benefits promised by computers are contrasted with inherent risks to our security and public safety. While advances in computing power potentially can remake how the government does business and how future wars are fought, it also creates vulnerabilities which must be reduced. Today’s hearing will address the darker side of the information revolution while exploring how we can better protect government information.

    Computers are changing our lives faster than any other invention in our history. Our society is becoming increasingly dependent on information technologies, which are changing at an amazing rate. Consider a couple of examples:

    The singing greeting cards which you buy today for $2 have more computing power than existed in the world before 1950.

    A video camera which you buy today for less than $1000 has more computing power than a 1960s computer the size of this room.

    Combine this rapid explosion in computing power with the fact that information systems are being connected together around the world without regard to geographic boundaries. The increasing ability of computers talking to each other offers both opportunities and challenges.

    In today’s hearing, we will discuss these challenges. We will hear that the nature of this challenge comes from the fact that our nation’s underlying information infrastructure is riddled with vulnerabilities which represent severe security flaws and risks to our nation’s security, public safety and personal privacy.

    While "hacker attacks" receive much media attention, what worries me are the attacks that go unknown. The nature of attacks in the information age seems to allow a malicious individual or group to reach out and inflict extensive damage from the comfort and safety of their home.

    We must ask whether we are becoming so dependent on communications links and electronic microprocessors that a determined adversary or terrorist could possibly shut down federal operations or damage the economy simply by attacking our computers.

    At risk are systems that control power distribution and utilities, phones, air traffic, stock exchanges, the Federal Reserve, and taxpayers’ credit and medical records. Unfortunately, government agencies are ill-prepared to address the situation. We as a nation cannot wait for the "Pearl Harbor" of the information age. We must increase our vigilance to tackle this problem before we are hit with a surprise attack.

    Our witnesses today have substantial knowledge about what the problems really are and can recommend solutions. First, Dr. Peter Neumann, a recognized private-sector expert on computer security, will provide the Committee with an overview of information security issues and testify on the systemic security problems in the government’s computer systems.

    Then we will hear from L0pht -- seven members of a "hacker think tank" who identify security weaknesses in computer systems in an effort to persuade companies to design more secure systems. L0pht members will testify about specific weaknesses which enable hackers to exploit the nation’s information infrastructure and government information.

    Excuse me if I can't take the government seriously about preventing a cyber "Pearl Harbor". What'll happen is that there will be some attack w

  11. They don't pay. by HerculesMO · · Score: 2

    Why would you hire an expert computer hacker/programmer/systems guy/girl if they can get paid 3x the amount working in a private company?

    If you want to create an elite set of 'ubergeeks' you need to pay them a lot of money, allow them to work in jeans and T-shirts, endless supply of Mountain Dew and snacks.

    Or otherwise work for Google.

    --
    The price is always right if someone else is paying.
    1. Re:They don't pay. by SB9876 · · Score: 2

      There's no shortage of very technically savvy people in the military and other branches of the federal government as well as academia. All of those pay well below the industry average. Not everyone is solely motivated by money.

      You seem to think that the military is solely composed of 18-year-old recruits from the ghetto. I seem to recall that digital computers, the internet and even the space race all have their roots in military R&D. One might make an argument about the relative creativity/research productivity per $ of private industry vs academia vs the military but it's a silly argument to think that the military is incapable of this sort of work or that people wouldn't accept lower pay to do something they believe in.

  12. Aight by coma_bug · · Score: 2

    I put on my robe and wizard hat.

  13. I'll work cheap... by GodfatherofSoul · · Score: 3, Funny

    ...just hook me up with some of them Colombian hookers the Secret Service has been recruiting for their Randy Reserves.

    --
    I swear to God...I swear to God! That is NOT how you treat your human!
  14. More like dividing and conquering by Anonymous Coward · · Score: 5, Insightful

    Look, she spouted a lot of garbage about 'cyber-geddon' and it was torn apart by geeks pointing out that hacking a web page of a power station with its 10 visitors a day is not synonymous with attacking the power station, and that the fix for these problems is to keep critical stuff on private network links.

    So they hire a few geeks who will talk sh1t to attack the real enemy, us and our plain talking common sense! The War on Common Sense!

    I noticed that the Russian Hacker, Georgia revealed a few days ago, was a sad man living in a crappy room, not a soldier in a military uniform surrounded by War Game screens. They are just a pest, and for Georgia it should have patched its servers and locked down its logins, even for the government websites so he couldn't deface them.

    If you have a problem, you fix the problem, you don't declare war on it.

  15. New Perl Harbor: The Sequel by Penurious+Penguin · · Score: 3, Funny

    New Pearl Harbor is a melodramatic pre-imagining of the teenage attack on U.S. power-grids and the subsequent DooAlittleMoreThanNecessary Raid. While not directed by Michael Bay, fans of his in the CIA have collaborated with the makers of Innocence of Muslims and Rupert Murdoch in this captivating mind-wrenching sequel.

    "When you see the part where Leonardo DiCaprio telnets into the Pentagon and sends drones to Moldova, you'll shit your pants!" -- Sock Puppet Reviews

    "If you told me Justin Bieber could've played such a convincing hacker, I'd have laughed in your face" -- Hillary Clinton

    "It brought tears to my eyes, and I was a POW." -- J. McCain

    "Thank Yahweh for benzodiazepines!" -- Janet Napolitano (Eight-Time Mother of the Year Award Winner)

    "You'll need your Mountain Dew for this one!" -- Anonymous

    *Partially plagiarized from Wikipedia.

    --
    Forward! -- Emperor Norton, 2012
  16. Military Intelligence by Anonymous Coward · · Score: 3, Interesting

    Didn't we all get into technology for the meetings, the red tape, the bureaucracy, the TPS reports, the PHBs (pointy haired bosses)?

    In no particular order, the Heroes at Homeland Security will clap the leg-irons onto all their tame geeks, will lock down every box, will firewall every internal network, will take away every admin priv, will assign a "handler" to every geek with veto authority on every mouse click. And then? Of course the token techies will be crucified for not being able to use their non-existent resources to defend Wal-Mart from the script kiddies.

    They're looking for scapegoats, my friends, don't fall for it.

  17. Not a chance in Hell ... by Infernal+Device · · Score: 2

    The DHS is the worst idea to come out of Washington and that's a town that's pretty much only ever generated bad ideas. I'd rather be waterboarded than lift a finger to support that particular government agency.

    --
    "My God...it's full of trolls!"
  18. Conflating and misleading by Anonymous Coward · · Score: 2, Interesting

    "The SCADA security holes have only recently come to the attention of the industry. I can assure you that there's a giant collective brick being shat over it but fixing this stuff takes time."

    Rubbish.

    What DHS is doing and what you also did was this:
    a) Talking about SCADA system vulnerabilities and mentioning STUXNET as evidence of it (and not mentioning that it had to be introduced by a spy inside the plant and not internet facing)
    b) Talking up cyber intrusions on web servers (which are internet facing).
    c) Conflating the two as if they are both cyber attacks and thus the man attacking the web server can attack the SCADA system because they're both 'cyber'.

    SCADA systems are NOT mostly on the internet with open logins, that's a fooking lie. This problem has been known from the start and the technicians who put these systems in are no idiots who've only just found out there may be a problem.

    The problem here is the misinformation from the DHS to pump its own budget.

  19. Do you has? by bunbuntheminilop · · Score: 2

    All right maggot, fallout! Colonel Homestarrunner is recruiting the most elite team of crack commandos to invade Strongbadia. Do you has what it takes to join the Homestarmy? Will you bring a sack lunch and some orange slices for me and serve your country? WILL YOU STUPID!?

  20. Every time I read or hear "Homeland" I think by 3seas · · Score: 4, Insightful

    Hitler and the motherland....

    1. Re:Every time I read or hear "Homeland" I think by deimios666 · · Score: 2

      Germans had a Fatherland. I believe Russia was called the Motherland.

      --
      I think, therefore you are.
  21. Re:the power grid needs to link all the plans and by dynchaw · · Score: 2

    Yes, but plants and sub-stations don't need to shop on e-Bay or check their Facebook status now do they?

    If they need to be connected to a network, make it a private network and most of these issues go away.

    There is no sane reason that these networks and these facilities should not be air-gapped from the internet at large. There are ways around the air-gap (Stuxnet), but even these are trivial to prevent by not allowing random USB keys from outside by gluing the port closed and/or securing the hardware properly, and/or beating anyone stupid enough to do this with a stick.

    It's not nuclear science or anything, it's just common sense.

  22. Umm... from a person that... by m6ack · · Score: 2

    From a person that doesn't do email. Truly, truly incredible.

    I know this will ruin my Karma, and... I have never used this language in a public forum in my life, but, it's warranted...

    Not only "no," but "HELL NO!" you Hitlerian Fascist bitch.

  23. I WANT YOU! by Anonymous Coward · · Score: 2, Funny

    http://www.nationaldefensemagazine.org/archive/2011/August/PublishingImages/Cyber_UncleSam.jpg

  24. welcome back to the 90's! by datapharmer · · Score: 3

    Does that website actually use tables? Maybe one of the first "1337 skilz" they get should be someone that knows how to use something newer than FrontPage 2000 and knows better than to put an unobfuscated email address like infragardteam@infragard.org as a contact link.... unless this is a honeypot those poor bastards are going to get a serious introduction to spam. How clueless.

    --
    Get a web developer
  25. No functional difference. by girlinatrainingbra · · Score: 2

    You're right that I used the wrong words. Your words were: "Service members were not told they must re-up, but rather some had their service period involuntarily extended by a "Stop Loss" order due to critical wartime need." However, there is no functional difference between thou must stay on the job vs. thou shall not be let go from your duty obligations even though the obligations may have ended in fact your duty obligations must continue onwards.

    Those are two phrases that parse out to the same functional content. It's like a breach of contract, even if they add on extra money ex post facto. Signing up for something which is supposed to be for period x and then having it involuntarily exchanged for period y, where $y > x$ (y is greater than x). I don't know if you see the non-difference between "involuntarily extended" and "forced to re-up": my opinion is that you'd have to concede that there is no functional difference.