Slashdot Mirror


Obama Signs Cybersecurity Executive Order

An anonymous reader writes "Last night before the State of the Union speech, President Obama signed an executive order for improving cybersecurity of critical infrastructure (PDF). The highlights of the order are: 'information sharing programs' for the government to provide threat reports to industry; an overarching cybersecurity framework developed by NIST to figure out best practices for securing critical infrastructure; and reviews of existing regulations to make sure they're effective. The ACLU supports the Order, as does the EFF. '"A lot of what this shows is that the president can do a lot without cybersecurity legislation," said Mark Jaycox, policy analyst and legislative assistant for the Electronic Frontier Foundation, who points out that the executive order satisfies the need for information sharing without the privacy problems that existed under legislative proposals where loopholes would have allowed companies to dump large amounts of data on the government in an effort to obtain legal immunities. Without those immunities, companies will by nature be more circumspect about what they provide the government, thus limiting what they hand over, Jaycox said.'"

74 comments

  1. Here's a start... by ackthpt · · Score: 3, Insightful

    Stop putting every computer on the same network. Stop using Windows for everything.

    --

    A feeling of having made the same mistake before: Deja Foobar
    1. Re:Here's a start... by Anonymous Coward · · Score: 2, Insightful

      The US government already has several separate secure networks, and utilizes non-Windows OSes where appropriate.

      Do you want the gubbermint telling you how to run *your* networks and computers? I'm sure that NSA patch is really just a clever way to let them spy on you.

      Seriously, that's not a start, that's just a silly aside with no meaning.

    2. Re: Here's a start... by Anonymous Coward · · Score: 0

      You must be new here. Welcome to Slashdot!

    3. Re:Here's a start... by Anonymous Coward · · Score: 0, Insightful

      That should read: Stop using Windows for anything.

    4. Re:Here's a start... by egamma · · Score: 1

      Stop putting every computer on the same network. Stop using Windows for everything.

      Excellent idea! Why don't you disconnect from the Internet and then...oh. You don't want to follow your own advice?

    5. Re:Here's a start... by Anonymous Coward · · Score: 0

      Every computer on internet != OP's computer on internet

    6. Re:Here's a start... by Anonymous Coward · · Score: 0

      The guhmit's favourite networks are ad-hoc wifi networks mostly named hpsetup. They don't work too well, much like the "limited" connectivity of some other wireless N and wireless G networks. Limited meaning "mental capacity". Anyways, America's best stores such as Best Buy are not able to use WiFi to connect the same cameras they sell to the same laptops they sell. It is interesting to note that Best Buy seems -quite impeccably indifferent- to such -atrocities- and bally-hoo. Perhaps the AIC needs to run a fox-trot to a Best Buy store and contemplate their royal and esteemed, delusional and untidy shortcomings. Tally-Ho!!! And please visit one of the various fine french food and clothing delicacy stores which line the streets of downtown London!

    7. Re:Here's a start... by ackthpt · · Score: 1

      The US government already has several separate secure networks, and utilizes non-Windows OSes where appropriate.

      Do you want the gubbermint telling you how to run *your* networks and computers? I'm sure that NSA patch is really just a clever way to let them spy on you.

      Seriously, that's not a start, that's just a silly aside with no meaning.

      People overestimate the planning and intelligence of government technology infrastructure. So much of it is left up to contractors who know how to write an MOU which sounds good, but then they execute the implementation with a load of cheap tech monkeys. Believe me, I work with this stuff constantly. Fragile systems, systems with competing heads, ignorance run amok. I have talked with some people in positions in the government and they are very frustrated, but every contract goes to the bidder who knows how to win, but may totally be inept at implementation.

      It's fun to see government talk about cleaning this up, but without actually hiring experts and technical staff into government to do the job on government payroll, don't expect much for your money.

      --

      A feeling of having made the same mistake before: Deja Foobar
    8. Re:Here's a start... by hairyfeet · · Score: 1

      Ahh yes, security by obscurity works so well, doesn't it? Meanwhile Android which so many here proudly proclaim is Linux is on its way to the one millionth infected system by summer, macs have had multiple bugs in the past year and a half, hell nearly every repo on the planet served up a malware infected Quake 3 for months!

      Magical thinking DOES NOT WORK, and any OS short of one that is air gapped is gonna have weaknesses. A modern OS is one of the most complex creations man has ever written and since man is fallible it WILL have bugs. In the end it comes down to common sense, using best security practices like least privilege and as you say not sticking the whole place on one big network, but saying that "Use Distro X!" will magically do jack shit about malware is just magical thinking. Android proved without a shadow of a doubt that Linux is just as weak as any other OS and all it takes is it becoming popular for it to have as many bugs as a Bangkok whore after coupon day.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    9. Re:Here's a start... by Anonymous Coward · · Score: 0

      But... but...

      my manager keeps telling me "windows is the industry standard" "all our clients use it" "it's easier to maintain" and that "I know how to fix and update it if I have to"...

      What do you have against windows?

      *:trollface*

    10. Re:Here's a start... by Anonymous Coward · · Score: 0

      You're wrong the only thing Android proved is that Google were idiots for using Java!!!

  2. Goodbye Free Internet by ButchDeLoria · · Score: 1, Insightful

    Now that the corporate puppet has put his masters' signature on this document, The Powers That Be can continue to shove shit media down the throats of the masses.

    1. Re:Goodbye Free Internet by Anonymous Coward · · Score: 0

      So...Barack Obama is a corporate puppet. But his masters' names are Barack Obama? I'm confused.

    2. Re:Goodbye Free Internet by interkin3tic · · Score: 1

      Did you read the summary or any of TFAs?

      Seriously. Unless I'm utterly failing at reading comprehension (considering I'm late for something, I might be) this is exactly the opposite of what you're saying. This sounds like a move to prevent CISPA/SOPA from rising from the grave. The ACLU and EFF are in favor of it and were opposed to CISPA/SOPA.

      Considering there were reports from "sources" that Obama would enact CISPA, I'm a little hesitant to jump for joy. And again, I was only skimming.

    3. Re:Goodbye Free Internet by Jeremiah+Cornelius · · Score: 1
      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    4. Re:Goodbye Free Internet by Anonymous Coward · · Score: 2, Funny

      Perhaps he's master of his own domain?

    5. Re:Goodbye Free Internet by Anonymous Coward · · Score: 0

      I'm pretty sure the First Lady is the master of Pres. Obama's domain.

      You don't marry a strong black queen and keep on jerking it into a tube sock.

    6. Re:Goodbye Free Internet by erroneus · · Score: 1

      Awesome. I can't believe it's there for anyone to see :) Where is it "banned" and by whose authority?

    7. Re:Goodbye Free Internet by Jeremiah+Cornelius · · Score: 1

      From NBC, by NBC. I suppose.

      I just don't see why. With their hubris, you expect that they'd make it compulsory viewing - and then laugh at our squirming helplessness.

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    8. Re:Goodbye Free Internet by hairyfeet · · Score: 1

      It was originally a skit on SNL, yet you won't find it ever shown after the original air in reruns, nor is it in any box sets. The corporate masters really weren't too thrilled with a show having a piece pointing out how they get corporate welfare or use PACs and soft money to get away with crimes like dumping PCBs and making the state pick up the tab, hence they just cut it out. You go look for it on the corporate owned SNL site and it's like it never existed, poof!

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. This has already started within the DoD. by RobertNotBob · · Score: 1
    The DoD has been doing this with "Cleared Defense Contractors" for a while now. It's been growing significantly for the past year.

    You can google DCISE for yourself, or take your chances following an embedded link on slashdot...

    http://www.dc3.mil/dcise/dciseAbout.php

    --
    ___ I don't respond to Anonymous Cowards, and I Never Mod them UP.
  4. All done by Anonymous Coward · · Score: 0

    Well, that solves that problem. Now, on to world hunger... I say we outlaw that, too.

  5. Cybersecurity Executive Order by K.+S.+Kyosuke · · Score: 2

    That's too long, I propose to abbreviate it to CyberSEx Order, it's less of a mouthful.

    --
    Ezekiel 23:20
    1. Re:Cybersecurity Executive Order by Anonymous Coward · · Score: 0

      That's too long, I propose to abbreviate it to CyberSEx Order, it's less of a mouthful.

      What if I want it to be more of a mouthful?

    2. Re:Cybersecurity Executive Order by davester666 · · Score: 1

      That's what Bill Clinton signed...

      --
      Sleep your way to a whiter smile...date a dentist!
    3. Re:Cybersecurity Executive Order by PolygamousRanchKid+ · · Score: 1

      That's what Bill Clinton signed...

      That's what Bill Clinton stained...

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  6. Checks and Balances My Ass by anagama · · Score: 5, Insightful

    Welcome to the new American Paradigm.

    President: Legislator, executive, judge, jury, and executioner.

    --
    What changed under Obama? Nothing Good
    1. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 5, Interesting

      Unlike the previous one who was only a jury and executioner that's actually a step up!

      Uhhh, no.

      Obama's gone above and beyond ANYTHING the most rabid BOOOSH IS TEH EVIL!!!! foaming-at-the-mouth twit ever dreamed up BOOOSH! might do.

      Seriously.

      Summary execution of US citizens.

      Can you IMAGINE the uproar from the /sheep had BOOOSH!!! done that?

      Yet, Obama's been doing it for YEARS.

    2. Re:Checks and Balances My Ass by Mitreya · · Score: 1

      President: Legislator, executive, judge, jury, and executioner.

      Does this carry any (real) legal power? I can't imagine why would ACLU support that...

      Hypothetically, can Obama just write an executive order saying that Congress is to be disbanded immediately (or be handpicked by him instead of being elected) and that next presidential election happens in 2020?

      "A lot of what this shows is that the president can do a lot without cybersecurity legislation," said Mark Jaycox, policy analyst and legislative assistant for the Electronic Frontier Foundation, who points out that the executive order satisfies the need for information sharing...

    3. Re:Checks and Balances My Ass by sl4shd0rk · · Score: 1

      Meh.. the way I see it, if the EFF *and* ACLU isn't bitching about it, that's pretty rare. mod parent "-1 Resentful Conservative"

      --
      Join the Slashcott! Feb 10 thru Feb 17!
    4. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 3, Informative

      Welcome to the new American Paradigm.

      President: Legislator, executive, judge, jury, and executioner.

      You're confusing laws for administration policies. Reviewing existing infrastructure doesn't require legislation. Telling the various departments of the government to share information with each other doesn't require legislation. Learn the difference between a law and a policy.

    5. Re:Checks and Balances My Ass by frank_adrian314159 · · Score: 4, Insightful

      President: Legislator, executive, judge, jury, and executioner.

      You know, he wouldn't need to be the first if the Republicans in the House wouldn't make their number one objective "non-cooperation". And, as for the last three (for which there seems to be relatively broad bipartisan support for in the corridors of power), I'm pretty sure that's limited to the occasional drone strike or declaration of someone as a terrorist. As far as executive orders concerning agencies other than DHS and other non-terrorist-related issues goes, I've seen many people drag this administration to court, so that rules out (again with caveats) the last three. So stop the hyperbole. It doesn't move discussion forward.

      --
      That is all.
    6. Re:Checks and Balances My Ass by hierophanta · · Score: 1

      You mean Peoples' Champion? Because that is what it sounds like you are saying to me.

    7. Re:Checks and Balances My Ass by CanHasDIY · · Score: 0

      President: Legislator, executive, judge, jury, and executioner.

      You know, he wouldn't need to be the first if the Republicans in the House wouldn't make their number one objective "non-cooperation".

      He wouldn't need to, regardless, if he were fit for the duties of President.

      Two wrongs never, ever make a right.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    8. Re:Checks and Balances My Ass by FCAdcock · · Score: 1

      The house? They're the only ones with blame here? Then how come congress refuses to pass (or even discuss) any of the budgets passed by the house?

      It's BOTH sides' fault, and it's not new. They've been doing it for years.

      --
      --Forest C. Adcock--
    9. Re:Checks and Balances My Ass by anagama · · Score: 1

      A body of Federal laws so vast and vague that it is unknowable and any random person commits a federal crime unwittingly probably every day.

      President tells his minions to go after "X" group.

      Prosecutors find random law and prosecute the person.

      Result: unlimited presidential power.

      --
      What changed under Obama? Nothing Good
    10. Re:Checks and Balances My Ass by anagama · · Score: 1

      No. I'm a liberal and I'm more than a little resentful about the New GOP (aka Democrats -- with the emphasis on "rats").

      --
      What changed under Obama? Nothing Good
    11. Re:Checks and Balances My Ass by anagama · · Score: 0

      Unbelievably myopic DNC apologists like you are just setting us up for ruin. Your hero won't be president forever, and the next time a Dick Cheney type is in office, do you think that precedents like due process free execution, or starting a war without congressional authorization (Libya) will go unnoticed? Obama has made the future a whole lot worse. When GWB was acting like a fuckhead, people thought at least the Democrats would work to rein in the abuse. Now that the DNC has simply embraced and extended that abuse -- we're screwed, and apologists like you are making it easy.

      --
      What changed under Obama? Nothing Good
    12. Re:Checks and Balances My Ass by anagama · · Score: 4, Insightful

      The whole Bush Obama thing has made me wonder if the true danger to our country will be some kind of civil war between the GOP and the DNC. Their policies are essentially the same (aside from edge issues like abortion and gay marriage(*)). On critical issues like the right not to be randomly jailed or murdered, on war, on domestic surveillance -- they're completely identical.

      Yet GOPers loathe Obama and Democrats Loathe Bush. It's personal though -- it can't be about policies, it is only a personal hate based on the person's tribal identity (party). There is no logical basis for the two groups to hate each other because they do the identical shit. What you have is the pickup truck driving GOPer sneering at the iPad toting DNCer -- not because of an actual difference in policy, but merely because of mutual hatred. And that's dangerous because there is no reason or logic -- it's pure tribalism.

      (*) I'm not saying these are unimportant, I'm saying that they don't matter if you are dead or in a gulag. There is a hierarchy of importance and there are more fundamental issues at the top of it.

      --
      What changed under Obama? Nothing Good
    13. Re:Checks and Balances My Ass by frosty_tsm · · Score: 1

      The house? They're the only ones with blame here? Then how come congress refuses to pass (or even discuss) any of the budgets passed by the house?

      It's BOTH sides' fault, and it's not new. They've been doing it for years.

      Correct me if I'm wrong but I recall budgets and other spending bills need to originate from the House. Nothing from the House means nothing for anyone else to do.

    14. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 0

      No... because the legislature still holds all the power to change the laws. The president instructing law enforcement to enforce laws doesn't mean the president has unlimited power.

    15. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 1

      Does this carry any (real) legal power? I can't imagine why would ACLU support that...

      An executive order is an order from the President to the Executive branch and has the force of legislation. The power behind the order is generally granted from existing legislation that grants the president specific powers. Other times the power behind the order comes from general hand waving, constitution rattling and the sincere belief that no one is going to have the stones and political skills to do anything serious against the order.

      So, in a nutshell, the president can order all kinds of crazy, but they need political backing to do it. Extreme crazy takes extreme political currency. Mild crazy is politics as usual.

      None of the above relates to my opinion of TFA, just a comment about executive orders....

    16. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 0

      Of course, the republicans will unroll this once they gain control (ROFL).

    17. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 0

      George Washington warned of the dangers of political parties, where the good of the party supersedes that of the body politic.

      We're there already.

    18. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 0

      He's pointing out how evil both parties are and your only thought is "An attack on my savior Obama can only come from a Bush loving Rethuglican. Must issue anti-Republican attack. Whew, crisis averted."

    19. Re:Checks and Balances My Ass by interkin3tic · · Score: 1
    20. Re:Checks and Balances My Ass by Anonymous Coward · · Score: 0

      no he is just a simple USA bashing POS

    21. Re:Checks and Balances My Ass by frank_adrian314159 · · Score: 1

      The house? They're the only ones with blame here?

      Oh yeah. Sorry. The Republicans in the Senate are just as bad (if not worse), using the filibuster to block anything worthwhile. Again, my apologies for not remembering them as well.

      --
      That is all.
    22. Re:Checks and Balances My Ass by RocketRabbit · · Score: 1

      Non-cooperation, animosity, gridlock, whatever you wish to call it, is the ideal state for congress and the president to reside in. After all, there is literally nothing that a politician does these days that benefits the average Joe. Every bill and resolution is designed from the ground-up by lobbyists and foreign PACs in order to enrich the people sponsoring the bill (and sponsoring the people who introduce it).

      Just because Obama doesn't like being cock-blocked, this does not give him the right to assume dictatorial powers in order to push his agenda forward. Be careful what you wish for, for YOUR party (it's pretty clear you're a Democrat or well wisher / fellow traveler) because next time a Republican sits in the throne and issues these royal decrees, you'll be tasting bile.

    23. Re:Checks and Balances My Ass by N0Man74 · · Score: 1

      Hypothetically, can Obama just write an executive order saying that Congress is to be disbanded immediately (or be handpicked by him instead of being elected) and that next presidential election happens in 2020?

      I don't know if the US President can, but the US Emperor tried it...

      http://en.wikipedia.org/wiki/Emperor_Norton#Declares_himself_.22Emperor.22

  7. Drone warfare. by concealment · · Score: 2

    Unlike the previous one who was only a jury and executioner that's actually a step up!

    I think we're past the days of judges, juries and executioners.

    Now after government bureaucrat #2,987,103 puts your name on a watch list, expect to suddenly explode at any time.

    The age of judgment by drone has begun.

  8. Have they appointed a Czar? by Capt.DrumkenBum · · Score: 1

    Or declared war on cyber insecurity?
    Because, if memory serves, those are the sure signs the US government have no more ideas and have given up.

    --
    If I were God, wouldn't I protect my churches from acts of me?
  9. "Cyber" by nam37 · · Score: 1

    It's 2013, can we please stop using "cyber" now?

    --
    The two rules for success are:
    1) Never tell them everything you know.
    1. Re:"Cyber" by Anonymous Coward · · Score: 0

      It's Wednesday, is that also relevant somehow?

    2. Re:"Cyber" by lennier · · Score: 2

      It's 2013, can we please stop using "cyber" now?

      I always liked "information superhighway" myself.

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
  10. Oink Oink by sunking2 · · Score: 1

    I smell bacon. Yet another way to increase the government payroll and supplier base.

  11. Can we report without being sued or arrested?! by erroneus · · Score: 2

    While there are lots of problems with the way things have been and are being handled, among these are the ridiculous reactions of business, education and even government has when someone says "hey, I found a problem." It's time "cyber" whistle-blowers get traditional whistle-blower protections.

    1. Re:Can we report without being sued or arrested?! by Anonymous Coward · · Score: 0

      It's time "cyber" whistle-blowers get traditional whistle-blower protections.

      Don't worry, they'll be removing traditional whistle-blower protections soon enough, to level the playing field. See

  12. I, for one by Anonymous Coward · · Score: 1

    ... welcome our new... oh hell.

    Never mind.

  13. CYBER by DarthVain · · Score: 1

    Hopefully with this additional security this will keep all the "Cyber" out of Ahmerica!

  14. I almost choked when.. by Paracelcus · · Score: 1

    I almost choked when that pusbag Panetta started the histrionically absurd oral flatulence, bleating about "cyber Pearl Harbors" and the "destruction of our infrastructure"!

    It's all just one more example of this government trying desperately to frighten its citizenry as it has found that a terrified population will accept ANY abrogation of basic liberty and constitutional rights to "keep them safe"!

    --
    I killed da wabbit -Elmer Fudd
  15. You *think* Windows can't be secured? by Anonymous Coward · · Score: 1

    See subject-line, & answer honestly... (doesn't matter IF you say it can't be - I know better -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=3AAcUbOuFPS90QH7poCoAg )

    * :)

    (Heck - I practically "wrote the book" on how it's done, via those links above, & yes, it really DOES work!)

    APK

    P.S.=> Anyhow/anyways - Bottom-Line: Any OS out there has 'security issues' or just weak initial setup (even Linux via SeLinux in its defaults as well as MacOS X too, guides & tools exist for both to make them better though)!

    However as well, on the 'flipside': Any of them can be "security-hardened" & quite easily in minutes (IF You do it as I do in those guides, + I sped that process up (CIS Tool) for Windows 7 here, vs. how I used to do it for 2000/XP/Server 2003, by saving the necessary 'tweaks' into .reg &/or .inf files for instant merges after install (which I keep my system OFFLINE during it until that's done))...

    ... apk

  16. The House has passed budgets every year by Anonymous Coward · · Score: 0

    House does pass budgets but the Senate refuses to pass any of them.

  17. The ACLU is ok with this??? by Anonymous Coward · · Score: 0

    Government sharing the results of their privacy invasions with corporate interests and corporate security resources being deputized. How is this not the road to a corporate sponsored dystopia?

  18. Hairyfeet's NOT wrong though... apk by Anonymous Coward · · Score: 0

    "You're wrong the only thing Android proved is that Google were idiots for using Java!!!" - by Anonymous Coward on Thursday February 14, @04:25AM (#42893639)

    1st of all - you're RIGHT on THAT account, however: Hairyfeet's NOT WRONG either!

    (He knows I have said the same thing he did MANY TIMES here as well on that very note too - IN FACT, a "canned cut & paste" of my former proofs on that note are in my 'p.s.' below, that I've posted here MANY times the past 2-3 yrs. now in fact... noting Android @ its termination on the SAME POINT hairyfeet noted!).

    I.E.-> Android IS A LINUX variant (based on a Linux kernel) & it's showing that once an OS is most used on ANY computing platform? It becomes the MOST ATTACKED - period!

    He's also correct that Linux proper, as on PC's, does get exploited, but not as much since it is in "last place" by a HUGE margin as opposed to Windows &/or MacOS X in terms of marketshare/usership on PC desktops!

    Thus, it truly HAS been hiding behind "security-by-obscurity", & Android shows that much on smartphones (where it IS "king", displacing Apple's iOS).

    I've seen Linux be exploited on servers too though (where it has a valid 'niche' & is OFTEN used)...

    In fact - Some "examples thereof" are listed in my 'p.s.' below in fact!

    (very, Very, VERY BAD ones too, no less!)

    APK

    P.S.=> From recent history (2010-2013 currently):

    2012:

    New Linux Rootkit Emerges:

    https://threatpost.com/en_us/blogs/new-linux-rootkit-emerges-112012

    "A new Linux rootkit has emerged and researchers who have analyzed its code and operation say that the malware appears to be a custom-written tool designed to inject iframes into Web sites and drive traffic to malicious sites for drive-by download attacks. The rootkit is designed specifically for 64-bit Linux systems."

    ---

    'FIRST ever' Linux, Mac OS X-only password sniffing virus spotted:

    http://www.theregister.co.uk/2012/08/29/linux_mac_trojan/

    ---

    Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

    http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

    So, what's dts.utah.gov running everyone?

    LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

    What's health.utah.gov running too??

    YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

    * Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

    ===

    2011:

    KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

    http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

    ---

    Linux.com pwned in fresh round of cyber break-ins:

    http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

    ---

    Mysql.com Hacked, Made To Serve Malware:

    http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

    What's that site running? You guessed it - Linux -> http://uptime.netc

    1. Re:Hairyfeet's NOT wrong though... apk by hairyfeet · · Score: 1

      You forgot the infected Quake 3 that was served from nearly every repo for a year and a half. I especially like that one, as it shows there is too much trust by downstream repos and if you get a bug into an upstream you can just kick back and let it spread.

      But this is why I rail against magical thinking, I have seen guys who spent thousands of dollars on systems because "this product doesn't get bugs!" only to find that magical thinking doesn't work and they spent all that money for nothing.

      That is what is really sad about these "just use Linux!" types as many are probably infected now and because they know so little about their OS they probably don't even know how to check. Security isn't an OS, it's not a button that can be pushed, it's a process that takes time to learn and requires the user be vigilant to new threats. This is why I'll always call out magical thinking when I see it being used, because there are too many that don't know better that might actually believe it and end up losing big time. I have seen a vicious hacker completely wipe out 3 years worth of family pics and videos, just to be a douchebag. So better to nip magical thinking in the bud before somebody gets hurt.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  19. Instead of asking the right question by ThatsNotPudding · · Score: 1

    Why are critical infrastructure, military, and non-consumer facing financials ON A FUCKING PUBLIC NETWORK AT ALL?

  20. Impeach Obama America by Anonymous Coward · · Score: 0

    The whole wide world wants it.

  21. Hey Hairyfeet (LTNS)... apk by Anonymous Coward · · Score: 0

    I "forgot it" since I don't "do" repositories (?) ala filesharing etc./et al (IF that's what you mean, that is)... so, there ya are! I honestly ACTUALLY DIDN'T KNOW about that, & am a HUGE IDSoftware fan too (the 1st post & only post I ever did with a registered 'luser' (lol) account here was to Mr. John Carmack, circa 2002 iirc... never used it again though!).

    Anyhow/anyways - "onwards & UPWARDS":

    Agreed - There's no "magical thinking" (woobie or talisman is what you called it before, lol, remember that?)

    However, YOU must admit that I never said my "woobie" as you called it was a cure all/do all, especially since I do ALL of what's noted here -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=umMdUc6zMoSJ0QHHsoHgDw by "yours truly" ( & more)...

    There's only "layered-security"/"defense-in-depth", best thing we all have vs. online threats, to make it harder on the dorks that pull crap online like malware & such! Especially when software programs are weak!

    (Ala Adobe Reader + Flash, JAVA weaknesses, & even javascript misuse as the "main culprits" out there, as well as unpatched wares + OS too, but not as much lately on the latter 2 @ least, & it's gotten WORLDS better on that front!)

    At least, that's how I see it, so we are in agreement here!

    They ALL get attacked & of course, the MORE THEY'RE USED? The more the online criminal attacks it... just like pickpockets in busy streets/thoroughfares, bus & train stations, etc.-et al!

    Criminals ARE criminals, online or otherwise!

    Same mentality, & even same type of "modus operandi" as a conman almost!

    (You sort of really HAVE to "channel your inner criminal" to THINK like they would, to outfox 'em is all)..

    Don't know if I ever told you this but... I used to be a loss prevention mgr. (damn good one too, if I do say so myself (lol, pats self on back), that led a chain of HUGE stores, 218 of them, for 2 yrs. straight & had to learn that... it only helped me later in computing really & in THAT very capacity... id'ing criminals & their patterns, even online!).

    NOW - These "penguins" (or as I call them, the "Pro-*NIX crew of /.")?

    Hey man, we discussed this in email... they are MERELY FEARFUL they will be left in obscurity & wasted the MOST PRECIOUS ELEMENT THERE IS, of which there is only a FINITE amount allotted to each of us - time.

    However, imo @ least?

    Hey - It's never a waste to learn other tools (be it OS', programming languages, even apps...) in computing imo... besides, they really don't have to 'fear'!

    Why? Well - Mr. T. & crew (Linus T.) did the RIGHT THING by diversifying into other areas since they 'failed' (not really) on the desktop & getting the "majority share" of it vs. MacOS X + Windows - smartphones did them just fine!

    Things had a way of "working out" for them, & good for them... as I told you before? I like Linux... yes, I actually do, just NOT as much as Windows is all.

    They do "ok" on servers too, around a 50/50 split with Microsoft Servers worldwide I'd say...

    HOWEVER - YOU & I have been around here a LONG time, & have SEEN the b.s. that used to get spread around here, total "FUD" along the lines of which you allude to - that "Linux = the magical security panacea" & that only Linux = Secure, Windows != Secure etc., lol!

    (What a truckload of utter CRAP that is, especially since Android shows them JUST HOW MUCH SO IT IS!)

    Bottom-line "rules" here is Most used = most attacked... period!

    It will always be thus...

    APK

    P.S.=> Heh, in my younger days? Well, let's put it THIS w

    1. Re:Hey Hairyfeet (LTNS)... apk by hairyfeet · · Score: 1

      Well at the time it sounded like you were betting it all on the HOSTS which sounded like magical thinking and as you know that is something I'm VERY strongly against but now I know it's just part of a larger security plan I can see it has its place. I still prefer to run it at the DNS level since I have a low power Sempron at the shop that is perfect for the task and don't have to rely on MSFT's as you know increasingly badly done networking choices but not everybody has the luxury of a building handyman that hands piles of laptops and desktops for free so you use what you have. I really need to find somebody around here that does ebay as the laptops that need work are really starting to pile up and it'd probably be better to part most of 'em out anyway, gotta say I'm tickled pink though he brought me a barely 3 year old C2D loaded with RAM and a 500GB HDD that just needed a keyboard, looks like daddy is gonna have a netbook AND a full size.

      And as you know I'm mainly a windows guy (If you know what you are doing frankly all OSes are equal) but I found the Quake 3 bug especially telling as it showed how much blind trust downstream repos have and how little "many eyes" is useful for catching actual bugs, if I can come across the link again I'll post it.

      Finally as for Linus I get plenty of hate for saying it but he is a douchebag, he really is. If his little asshole rant wasn't proof enough the simple fact that every. other. OS. on. the. planet. has a stable ABI but jerkwad Torvalds won't allow it because of religious reasons? Sorry but that is douchebaggery. And yes it's religious because ALL of their arguments break down to "ZOMFG somebody might release...gasp...non free drivers ZOMFG!" and then in the next breath they say "Use nvidia"..Well WTF do you think Nvidia drivers are? The only damned graphics drivers that work consistently are the NON FREE DRIVERS!

      But I learned a long time ago you'll never get a FOSSie to admit Linux is an OS with bugs like everybody else any more than getting a young earther to admit the world is billions of years old so I don't bother. I have all Linux articles filtered now so I don't even see them, the posts end up a FOSSie circle jerk anyway, why waste time. Now I only chime in when obvious magical thinking is being spewed because I've seen first hand that people that have recently gotten a virus will try anything if it promises them a magical virus free life and it often leads to disaster because instead of learning how not to get viruses they change to a system they know less than nothing about and end up in worse shape, like the guy I know who went out and spent nearly 20k replacing every system in his office for Macs only to get DNSChanger and MacDefender infections.

      At the end of the day all we can do is show them the first steps while making it clear that using any one tool won't magically make you immune, be it DNS or HOSTS or AVs (which I saw an article recently that said on average AVs only catch around 6% of bugs) but that it's a process they have to learn and will have to stay on top of. Sadly those that aren't geeks will be happy to take a quick fix even if it sounds too good to be true so we must be vigilant and point out when such falsehoods are spewed...peace.

      --
      ACs don't waste your time replying, your posts are never seen by me.

  22. "Good Morning"... apk by Anonymous Coward · · Score: 0

    Good - you realize I combine hosts with a LOT of other "layered-security"/"defense-in-depth" & don't SOLELY rely on it alone.

    You use DNS as properly as possible since I KNOW you point your recursive setup directly @ ICANN (per our email discussion of these things) - that's the BEST way to do it, since you WILL have to use recursion (since you're not one of the "root 13" main DNS servers & all that) - it's good, since they actually implemented DNSSEC (VeriSign & ICANN worked that out, even though it's more difficult to do - all DNS should be setup that way, but, they're not & MOST remain unpatched worldwide & worst of all @ the ISP level, vs. the Kaminsky DNS-poisoning redirect flaw (send DNS servers "falsies", tons of them, & over ports 51/53 udp & there you are - you are redirected)).

    "Correctamundo" on "if you know what you're doing, all OS are equal" (pretty much, they have to be due to the competition "one upping" them 1 step @ a time - this is where COMPETITION IS GOOD, for the end-user/consumer)...

    I too, am MORE of a "Windows guy" than anything else & for only 1 true/real reason - it's used the most, & that means more "job surface area"... mainly for PRACTICAL survival reasons (but I do honestly think Windows is way better & above the competition mainly for the quality of its applications, + the fact hardware oem's create drivers & software for it, FIRST... this, matters!).

    LOL: Yea, Linus tends to "let it all hang out" & so does Theo DeRaadt of BSD fame... know what? I actually ADMIRE them for being so direct in such a "politically correct" mincing words world!

    You're right about the "fossies" as you call them being stubborn... lol, if anyone knows it, it's yourself & I around here (being part of the "Microsoft minority" here on a primarily "Open SORES" forum & all that... one that's EXTREMELY "Pro-*NIX", no less).

    WoW!!! Some fool actually went and REPLACED that many systems for that insane amount (20 grand) JUST for the DNSChanger issue? I hope YOU profited by it @ least, lol... that'd be a NICE "chunk of change" to make on an EASY fix, lol!

    APK

    P.S.=> In the end, I answered a LOT more briefly than I usually do per your points stated (lol, thank goodness, right?) - That's only since just having my a.m. coffee here's why (6:57 a.m. here) & I just woke up to find you had replied, so... "there 'tis"! See ya & "stay cool"...

    ... apk