House Bill Slashes Research Critical To Cybersecurity

dcblogs writes: A U.S. House bill that will set the nation's basic research agenda for the next two years increases funding for computer science, but at the expense of other research areas. The funding bill, sponsored by Rep. Lamar Smith (R-Texas), the chair of the Science, Space and Technology Committee, hikes funding for computer science, but cuts — almost by half — social sciences funding, which includes the study of human behavior. Cybersecurity uses human behavior research because humans are often the weakest security link. Research funding social, behavioral and economic sciences will fall from $272 million to $150 million, a 45% decrease. The bill also takes a big cut out of geosciences research, which includes climate change study, from $1.3 billion to $1.2 billion, an 8% decrease. The insight into human behaviors that comes from the social science research, "is critical to understanding how best to design and implement hardware and software systems that are more secure and easier to use," wrote J. Strother Moore, the Computing Research Association chair and a professor of computer science at the University of Texas.

No cuts are ever possible

[Kohath]

because every area facing cuts is always "critical".

And it's impossible for anyone to make software easy to use without government money to run a study.

Re:No cuts are ever possible

[PopeRatzo]

because every area facing cuts is always "critical".

Like this one?

http://blogs.reuters.com/great...

Over three-quarters of a TRILLION dollars on the F-35 Joint Strike Fighter that,

In 2008, two analysts at the RAND Corporation, a California think-tank that works closely with the military, programmed a computer simulation to test out the F-35s fighting ability in a hypothetical air war with China. The results were startling.

“The F-35 is double-inferior,” John Stillion and Harold Scott Perdue concluded in their written summary of the war game, later leaked to the press. The new plane “can’t turn, can’t climb, can’t run,” they warned.

$59.2B for development, $261B for procurement, $590B for operations & sustainment in 2012

For something that no one in the military actually wants.

Re:No cuts are ever possible

[schnell]

Why don't we cut a couple hundred billion out of the multi-trillion dollar "war on everything" Militaryâ"industrial complex that's obviously going so well?

I gather that you don't like or see much benefit from the US military. I saw a commenter a few slots above you suggesting that the thing to cut is Obamacare, which provides health care to people who are probably not the commenter. Some poster who is 65 will inevitably suggest that the rotten Education department must go, while someone else who is 18 will invariably suggest it should be Medicare. I have no doubt someone who lives in Arizona will suggest that Federal subsidies for homeowners living in hurricane zones be cut, and someone else from Florida will suggest that it's that Gestapo border protection troop that needs to be slashed.

It's funny how everyone seems to know with great certainty exactly the things that are totally worthless and should be cut from the Federal budget with no ill effects - which, purely coincidentally happen to be the things that they disagree with or they don't benefit from directly.

Re:No cuts are ever possible

For something that no one in the military actually wants.

That is not true - the Air Force wants it desperately. You know, the same Air Force who gave us the F4 Phantom, which was without a doubt one of the worst aircraft ever built. And it was also to be an aircraft "used by all branches of the armed forces, for all types of missions - air defense, ground attack, close air support, reconnaissance", just like the F35 - which does nothing well, and costs a LOT more per airframe; the are already having to perform retrofits and modifications for little things like:

A 2015 Pentagon report found these issues:

        The Joint Program Office is re-categorizing or failing to count aircraft failures to try to boost maintainability and reliability statistics;
        Testing is continuing to reveal the need for more tests, but the majority of the fixes and for capability deficiencies being discovered are being deferred to later blocks rather than being resolved;
        The F-35 has a significant risk of fire due to extensive fuel tank vulnerability, lightning vulnerability and an OBIGGS system unable to sufficiently reduce fire-sustaining oxygen, despite redesigns;
        Wing drop concerns are still not resolved after six years, and may only be mitigated or solved at the expense of combat maneuverability and stealth;
        The June engine problems are seriously impeding or preventing the completion of key test points, including ensuring that the F-35B delivered to the Marine Corps for IOC meets critical safety requirements; no redesign, schedule, or cost estimate for a long-term fix has been defined yet, thereby further impeding g testing;
        Even in its third iteration, the F-35â(TM)s helmet continues to show high false-alarm rates and computer stability concerns, seriously reducing pilotsâ(TM) situational awareness and endangering their lives in combat;
        The number of Block 2Bâ(TM)s already limited combat capabilities being deferred to later blocks means that the Marine Corpsâ(TM) FY2015 IOC squadron will be even less combat capable than originally planned;
        ALIS software failures continue to impede operation, mission planning, and maintenance of the F-35, forcing the Services to be overly reliant on contractors and âoeunacceptable workaroundsâ;
        Deficiencies in Block 2B software, and deferring those capabilities to later blocks, is undermining combat suitability for all three variants of the F-35;
        The programâ(TM)s attempts to save money now by reducing test points and deferring crucial combat capabilities will result in costly retrofits and fixes later down the line, creating a future unaffordable bow wave that, based on F-22 experience, will add at least an additional $67 billion in acquisition costs; and
        Low availability and reliability of the F-35 is driven by inherent design problems that are only becoming more obvious and difficult to fix.

Three different types of data âoemassagingâ are identified in the DOT&E report: moving failures from one category to another, less important one; ignoring repetitive failures, thus inflating numbers of failure-free hours; and improper scoring of reliability

In conclusion: A piece of shit that should be stopped NOW.

Re:No cuts are ever possible

[TheRaven64]

OTOH, our reason for being in Afghanistan was that one of their best buddies leveled a couple office buildings

I think you are confusing Afghanistan with Saudi Arabia.

What difference

[Vinegar+Joe]

At this point, what difference does it make? If the Secretary of State can run her own email server at home, what does it matter how much money is spent on "cybersecurity"?

It's hard to credit the behavioural science claim.

[tlambert]

It's hard to credit the behavioural science claim.

Since we already know how to social engineer our way into secure areas, secure building (including nuclear and military facilities), and to get people to give their passwords or reset someone else's password, and even get the police to respond with deadly force to a perceived threat by an otherwise innocent third party (e.g. SWATting), and get them to click on crap they shouldn't click on in emails, and get them to insteall "media player updates" that aren't, anti-mallware that's actually malware, and so on...

How is additional funding for behavioural science in this area going to make us any more secure by making us even more aware of the exploits we already know, such as those being used by Mitnick prior to 1995 to get into the phone company?

We already understand the human behaviour which allows these attacks to work -- and so does Microsoft, and they're not really spending any effort fixing their software over this knowledge.

So how *exactly* will additional spending in this area impact cybersecurity again? Will it make anyone less likely to believe someone pretending to be from the IT department? Will it make someone less likely to let you on the premises when you pretend you want to talk to the property manager "or someone else in charge" about purchasing land adjacent to an otherwise secure facility?

I kind of don't think so.

But... BOOGA! BOOGA! Cybersecurity! Cyberwarfare! Fund us, fund us!

Is this submission for real?!

[felrom]

It's quite the logical leap to go from

cuts — almost by half — social sciences funding

to

House Bill Slashes Research Critical To Cybersecurity

only based on the vague claim that

Cybersecurity uses human behavior research because humans are often the weakest security link.

The submitter had to really stretch things to get enough almost-tech-related and republican-hating to have his story accepted.

Re:SS is a waffen

[monkeyzoo]

Yeah, what good is economics research? Everyone already knows the silver bullet for any economic problem is to cut taxes for the wealthy!

A sad day on Slashdot

[zapadnik]

It is a sad day on Slashdot when there is wailing and gnashing of teeth by (alleged) Slashdotters when funding for Computer Science is INCREASED and funding for pseudo-science is decreased to cover the boost for Computer Science.

A sad, sad day indeed.

Lamar Smith, Christian Scientist

[PPH]

Not quite as bat-shit crazy as Scientologists. But these are the ones that believe everything can be healed by prayer. So its no wonder that scientific research into human behavior would be rejected by their members.

But then most religions are suspicious of any kind of investigation into the sanity of people who think invisible people living in the sky are talking to them.

Re:Lamar Smith, Christian Scientist

[PopeRatzo]

It's funny, but it does appear that knowledge, whether "critical" or not, is simply kryptonite to American conservatives. They get so damn mad when somebody wants to find something out. They all cry "waste" while passing continuing resolution after continuing resolution that funds anything and everything that can possibly make the maximum number of people dead and the maximum number of their friends rich.

Re:I thought Repub's were uncertain about the clim

[PopeRatzo]

Or maybe they just decided that enough money has already been wasted on this junk science, and see it for what it really is.....

You mean the same guys who banned AP History classes because they, "make America look bad"?

http://www.washingtonpost.com/...

And how would Republicans know junk science, anyway? As they are fond of saying when asked about climate change or evolution or vaccinations or whether the Earth revolves around the Sun, "Well, I'm not a scientist". I mean, they're not generals either, but they all sure got an opinion on whether or not we should bomb Iran, ain't they? They're not God, but they sure as shit think they know what "God wants".

http://www.politicususa.com/20...

http://www.rawstory.com/2015/0...

http://www.politicususa.com/20...

http://nymag.com/daily/intelli...

Those are the fucking people you trust to know good science from bad science? Jeez louise, I wouldn't trust them to know a graduated cylinder from their fuzzy pink asses.

Re:well, why wouldn't they?

[peragrin]

So why increase military spending?

450 billion for a plane that isn't yet flying gets an increase yet you bitch and moan over 1 billion. Talk about pinching pennies to waste hundreds.

Re:well, why wouldn't they?

[sonicmerlin]

The typical conservative response is that we're protecting the world. How that translates to wasting truly historic amounts of money- a degree of expenditure never seen before in human history- on utterly useless pork projects for the military... well that's beyond them.

Re:well, why wouldn't they?

[evendiagram]

Program Cost: $59.2B for development, $261B for procurement, $590B for operations & sustainment in 2012. source