Slashdot Mirror
DNC Creates 'Cybersecurity Board' Without Any Cybersecurity Experts (techdirt.com)
An anonymous reader writes from a report via Techdirt: The Democratic National Committee has created a "cybersecurity advisory board" to improve its cybersecurity and to "prevent future attacks." Politico reports: "'To prevent future attacks and ensure that the DNC's cybersecurity capabilities are best-in-class, I am creating a Cybersecurity Advisory Board composed of distinguished experts in the field,' interim DNC Chairwoman Donna Brazile wrote in a memo. 'The Advisory Board will work closely with me and the entire DNC to ensure that the party is prepared for the grave threats it faces -- today and in the future.' Members include Rand Beers, former Department of Homeland Security acting secretary; Nicole Wong, former deputy chief technology officer of the U.S. and a former technology lawyer for Google and Twitter; Aneesh Chopra, co-founder of Hunch Analytics and former chief technology officer of the U.S.; and Michael Sussmann, a partner in privacy and data security at the law firm Perkins Coie and a former Justice Department cybercrime prosecutor." What's surprising is that none of these members are cybersecurity experts. Techdirt reports: "If the goal of the board was to advise on cybersecurity policy, then the makeup of it is at least slightly more understandable, but that's not goal. It's to actually improve the cybersecurity of the DNC. Even if the goal were just policy, having someone with actual technology experience with cybersecurity would be sensible."
A board filled with Clinton Donner's
Just never write down any dirt.
See also: Bill Clinton's meeting on the tarmac. That's how serious dirt is done.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
The point of every board isn't to ever do work. It's just to head up the meetings and organize the allocation of funds to achieve the agenda.
You might want one technician but management is management. Management is just about allocating your resources to do get shit done.
Obviously nobody on the board is actually going to get their hands dirty. And boards don't do very much. They will probably meet once a quarter... by phone for an hour. Agree that the consulting firm that they hired is spending the money wisely and then go back to their real jobs.
Political officials setting themselves up to regulate things they have zero background knowledge in? Sounds like business as usual to me.
Many chiefs. No tribal members.
Look, there are two ways to look at cybersecurity:
1. Most unauthorized access is through social engineering. It can be fixed with training and fewer gullible people. Translation: this is a massive back door that will never be fixed, as those at the top are the worst offenders. And they never follow instructions.
2. Most methods of providing cyber security involve fixing known prior methods of attack. Polymorphous self-adapting viral code with bootstrap load into the kernel was created in the 1980s, but we still have no real ways of defeating it. Realize most cybersecurity is just closing the barn door after the horses escape. Stop putting all the horses in the barn.
3. Insert fictional defense method here which will never work in reality, because the PHBs always need a fall guy they can blame for their own security nightmares they created by ignoring advice.
-- Tigger warning: This post may contain tiggers! --
And the politicoes are all stumped as to why people are angry at them and screaming for real change, to the point where people will actually vote for an asshat like Trump...
Chas - The one, the only.
THANK GOD!!!
People who understand the subject would get in the way of enacting the laws the bigger campaign contributors would want.
The DNC only employs their own clueless corrupt cronies. It's why they're being bent over so badly atm by toddlers using babies first cracker.
The hiring choices outlined by this article are going to lead to another article at some point in the future, to which I will feel compelled to once again post the comment: "Should have hired me instead, assholes!"
Just the political elites doing what they do irrespective of the skill set of people they are employing. People keep banging on about corruption in some third world nation when corruption is well and truly alive in your back yard.
They also try to pass firearms laws based on no knowledge of the technology. Government isn't about the technology, it's about the control of the people.
A board designed to investigate a technical thing, being staffed by people who are better at raising money and making good sound bites than actually knowing anything about what they're supposed to be figuring out.
On second thought, erase the word "technical" from that paragraph.
This is business-as-usual government foo-bah of putting people they can influence on fictitious, red-tape-induced board to make themselves more paper-tiger worthy down the road.
Every time I see a bunch of former C[TEIF]O titles on a board, it'll just be a bunch of 'big idea' movement with zero skills and lots of tax payer money going to government contractors who'll milk every penny out of it for medeocre-at-best results. I agree whole-heartedly that there needs to be some real, proven technical people who make up that board --- not the suits. They are good at pushing agendas and this will be nothing more than polticial-career on-the-job training for most of them.
"This is windows calling, your computer have virus".
This is the hottest cybersecurity board on record.
Russia's been hacking the DNC.
Trump's top campaign adviser is a literal agent of the Kremlin. As in, he had to register as an agent of a foreign government because he was working for one. And Ivanka Trump is partying in Croatia with Vladimir Putin's girlfriend, Wendy Murdoch.
http://www.cnn.com/2016/08/15/...
http://www.smh.com.au/lifestyl...
Now with those two stories in mind, go back and look at the changes Trump made to the GOP platform back in July:
https://www.washingtonpost.com...
Now think about the fact that Russia's been hacking the DNC (see how I brought it back on-topic?)
Even if the goal were just policy, having someone with actual technology experience with cybersecurity would be sensible."
... or failing that an 8 year old child.
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
An acquaintance who is a manager once told me that he can manage anything because, well, managing is managing. Another one suggested to me when I was a teen to go study management because, well, managers will always be needed...
Isn't that a little pretentious and old school like where the boss is the boss, doesn't matter if he is right or wrong or if he knows what he is talking about.
Seems to me hard to understand how a manager can manage something he doesn't know anything about unless he has skilled technical assistants. But how will he evaluate the skills of his assistants? I suppose if the assistants tell him what he wants to hear, it might help.
This is one of the fallacies of modern MBA-style management: management is a specific skill that's the same across all industries.
In it's worst form, it's what gets us CEOs who slash costs and show growth for the first year, then leave with a golden parachute while the company flounders.
If you study management even a little, you realize that the best managers are expert in their respective fields. This is not to say that software managers must be expert coders, but they need to have in mind the capabilities and limitations of the company products, the tools that the coders use, the current marketing trends, and some ad-hoc guesswork as to where the market is going. And also, they should at least know how to code, if not be an expert at it.
Consider: Do you think a generic manager could step in and manager a newspaper without intimate knowledge of the newspaper business? How well do you think that company would do if it actually happened?
Looking at some of Warren Buffet's writings, I note that he has people he trusts that can quickly learn the business and make informed choices that ultimately turn a company around. For example, a troubled company that supplies hardware, his people identified parts that had little profit and were available from other suppliers, as opposed to other parts that had more profit and were unique to the business. That's how he buys distressed companies and turns them around.
This is not what generic MBA-style managers do: learn the business, go into detail, and make strong decisions that benefit the company.
Looking at how GE gets vice-presidents, they always hire from within. They take a director and move him over to another department for a couple of years, and see how well he does. Then they move him again, and in a couple of years move him again. Over time, the directors become very well informed about how the business actually works, and anyone who isn't flexible enough to learn and do well in the business gets weeded out.
GE executives are some of the best managers in the world.
I've worked with a lot of "plug-in" managers who never seem to know where to go or what to do. They take the opinions of their staff as gospel without adding their own expertise, and serve as a simple buffer between the workers and upper management.
Better get on it FBI.
What a dumb fuck... some hacker uncovers how corrupt and rigged the DNC is and you want to keep blaming Trump. Keep begging to get fucked down the drain by big party politics because that's all you're going to get. Fucked deeper and deeper in your ass while big brother's hand is in your pocket.
Did you visit the link I provided? The guy fits the bill and he was indeed a project manager. Of course I agree with what you wrote. I manage stuff that I know about. My head isn't inflated enough to pretend I can manage everything.
Actually, I didn't. I honestly thought it was part of your sig, and didn't think it was relevant to your text. Sorry about that.
Maybe weave the link as part of text as a reference to a position, or refer to it in the text?
Don'tcha just feel good knowing how well Hillary will be keeping the nation secure when you cast that ballot?
There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
And the politicoes are all stumped as to why people are angry at them and screaming for real change, to the point where people will actually vote for an asshat like Trump...
Given Clinton's recent hiring practices and campaign staff, maybe we should just be happy that she hired Americans and leave it at that.
Welcome to modern politics, where those who actually know something about the field in questions are excluded from the discussions and those who don't have a clue, but have plenty of political clout are given virtually all of the authority.
The whole idea behind the liberal's idea of a cybersecurity committee that has no one qualified on it simply means one thing...... their tactics and the evidence was severely compromised using this method of communication. The committee's suggestion will be to simply never use email for this type of important communication again. Problem solved.. Now we can get back to the important business of figuring out how to eliminate encryption, kill the fourth and fifth amendments.
To keep this election fair and balanced the RNC needs to release their emails.
These boards are only created so that it appears that "something" is being done. -- Doesn't matter if anything does get done. They get PR credit for attempting to do "something."
Democrats are so sure they have ALL the answers to EVERYTHING that they never need turn to ANY experts for advice or validation. They did this big-time with Obamacare, not paying any attention to security experts who pointed out that it (still) sends personal info in the clear, or to integration experts (it still does not really validate applications it just kicks the info on the the insurance vendor and hopes it gets paid, and if it does not the vendor is left holding the bag and trying to get the money from the IRS). They never asked any real doctors, or real insurance people, or any real web applications experts either, it was just the second website done by a firm selected without RFPs or other criteria, just picked out by the Obamacare team even though their first project was a non-functioning disaster - but, hey, they worked cheap. Much cheaper than the outfits hired late to salvage the mess, much of which still remains, but is now nicely camouflaged.
Democrats NEVER listen to military people when they make military decisions (Vietnam and the current Middle East fiasco, cases in point) nor do they want to hear from experts in intelligence (they ordered the intelligence community not to report anything contradicting Obama's sunny view of ISIS as the "JV Team", this is back in the recent news again).
They don't listen to ANYONE, EVER! Except, of course, political "experts" from the Democrat support groups or Democrat academics they already know agree with them. Obama has been trying to re-implement socialism without bothering to ask anyone (anyone who not "someone", Castro may live in Cuba but he still in Denial) from Russia, China, Cuba, Venezuela and so on how it all worked out for them. They just blast forward and damned the consequences and when the consequences become dire and unavoidable, they blame the Republicans. Tried and true.
It just cannot surprise me at all that they would set up a "Cybersecurity Board" and then staff it exclusively with political operatives. They will CLAIM that THEY will talk with the "experts" but, again, only and EVER the ones they already know agree with them - and if they DON'T agree with them, they will be told they'd damned well better start.
That's "Liberalism". I don't know if they were THIS bad back in the 60's when I believed in them - I hope they weren't, I'd hate to think I was THAT damned ignorant back then. But they are so egotistical now they take my breath away and they have so very little success to bolster it.
A technician, no matter how brilliant, is a worker, not a leader. These people are leaders. They have power and make crazy money. Technicians follow them, don't get seats on boards like this one, and aren't really worthy of having their names mentioned in stories (unless they are taking the blame for something).
I'm not sure if you understand entirely, they consider us dirty and low. They want nothing of any kind to do with a common person because they are of a different class than us, they were born that way and have lived that way their entire lives. They believe all this computer do-hickey non-sense can be resolved with words and little pieces of paper.
The reality that change only comes about through engineering angers them because it is a threat to their power. They couldn't engineer a solution if their lives depended upon it because they have not invested their time in learning and obsessing on these matters to become enriched by it's knowledge. They go to country clubs and get paid ludicrous sums by making back door deals with scum bags like subway and sony who poisoned us and spy on us.
These types would never lift a finger to help you, your family, or anyone you care about. It is this which drives us to create, and our creation makes their policy wither and blow away like the dust it is. We see it everywhere, we see it in uber crippling the artificial taxi system. We see it in video streaming crippling their content delivery systems. We see them slipping and becoming less relevant with the rise of international currencies like bit coin and it's brethren.
At a certain point, we won't need a centralized government to handle logistics at all. We are collectively mutating and becoming more and more capable and independent, mentally extended empowered and enabled artificially. Experiments are already underway and this effort gains momentum as we lose our faith and gain our confidence. Edward Snowden, the panama papers...we are becoming what we always wanted to be, a cohesive intelligent collective rather than the unwashed mass. One which sticks to it's idealism and beliefs instead of paying lip service to it.
We are losing our fear and becoming stronger for it.
Being exposed for subverting democracy is obviously a grave threat.
Only Political Apparatchiks (Democratic Party Clergy) begging for a HillyBilly Cabinet Job need apply.
Which demonstrates HillyBilly's depth of knowledge.
Ha ha
because, you know, suits.....
Perhaps they just want to go after anyone implicated or suspected in hacking or leaking in court... (maybe also publishers, commentators, or rival politicians who spread the information around)
"DNC emails leaked regarding insiders' placements on DNC Cybersecurity Advisory Board. The DNCCAB releases statement, 'It depends on your definition of hacking.' Nude photos of Clinton found among the leak which boost her in polls by 75%. Trump tried to counter by leaking his own sex tape, but the effort tanked because no one wanted to hear him dirty talk Chris Christy."
... if any of the above headline becomes true, the terrorists have won
Mod me down, I shall become more off-topic than you could possibly imagine.
Do you really want more of this crap?
Delaware did sething similar a few years back auditing their voting machines. Hey, if a warehouse manager can't hack in aint nobody gonna get in.
http://electionsncc.delaware.gov/pubs/vm_report.pdf
Or a personal responsibility board? Of course they don't need any actual cybersecurity experts, this is only to distract from the fact that they broke the rules by pointing the finger at someone else. They don't need this board to do anything, it's just for the press release
--
Stay tuned for some shock and awe coming right up after this messages!
lots of people who have no clue, few that do. Just get on with it and hire skilled foreigners on H1B visas to get the work done, as usual.
I'm sure their Cybersecurity Board is very diverse, and that's what really counts.
This is what you get when you spend your life in management as opposed to doer-ship. They probably look at doers as some kind of alien species of human being they have no contact with or understanding of. "Hey, Donna (says Hillary), do you or anyone you know actually have contact with someone who can actually DO something in this area (or any area)? No? Me neither. Let's call a bunch of supporters and contributors with good sounding backgrounds. That'll have the "optics" we need.
E Proelio Veritas.
The addition of lawyers to a bunch of C-level managers is very telling. This group will advise others what policies can and can't be implemented, who in turn will advise others what mechanisms can and can't be installed, who in turn will tell somebody to make the bloody (security) thing work.
Politicians, regardless of political party, will always perform their duties as politicians so it is no surprise that they create rules committees and advisory boards and fill the positions with politicians. It's what they do. Much of the time it's just for show to make it appear like they are doing something and that they "care" about the topic or crisis at hand. The advisory board will hold meetings, travel around the country to investigate things, make speeches and ultimately release a statement filled with lots of professional sounding words that really don't say anything or make any impact on the topic they were created for. In the end, they will all pat themselves on the back for a job well done and the public will feel satisfied because "at least they DID something about the problem" and everyone will move onto the next "we need to DO SOMETHING about this problem" crisis.
Like most things democratic and liberal it makes them feel better.
See? They only need lawyers.
What's surprising is that none of these members are cybersecurity experts.
Not surprising to me. The DNC and their members create economic policies with no understanding of economics. They put people in charge of justice with no understanding of justice. They put people in charge of foreign policy who are incompetent in dealing with foreign policy issues.
So this is just what they do - meddle in things they know nothing about.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
No doubt they are not cybersecurity experts. They are attempting to solve the impossible: "Preventing future attacks." The attacks will continue. They need to change the goal to be "Prevent successful attacks." Until the problem has been correctly defined, it will not be solved.
bureaucracy designs crap. Try engineering by a committee instead of by science.
I think they are floundering while looking for an actual solution. They are a bunch of inflated bags and instead of having substance they can only detect appearance, so appearance is what they are putting in place. Perhaps they are making a hack-target for script-kiddies?
Change definition of DNC to Does Not Compute.
Why don't they hire Algore - the man who invented the Internet to head this group? He'd have 2 great things going for him:
I guess the democrats couldn't let Trump have the upper hand having an economic board with no economists.
Only intentions are important in the DNC. And then there's the whole "experience" issue. If we're supposed to vote for Hillary because she has experience, this blows that out of the water. But then again, it doesn't matter, results don't matter, as long as they are in charge.
There are no cyber security experts on the panel because nobody owed any favors to any cyber security experts that could have been called in to get an appointment to the board. The skill set of the candidates in question never came into play.
Actually, it seems to me that the makeup of this board is geared towards damage control and being able to sue whoever hacks them. One of the big picture items from Edward Snowden's leak is that, not only does the NSA believe that the best defense is a good offense, they believe that many aspects of cyber defense are hopeless. Clinton, of all people, would know this so the DNC may well have concluded that they can't avoid being hacked so they have decided to be ready to clean up when it happens.
Entertainment
..., lawyer up.
When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
It was hard to find transgender african american female cyber security expert so they just hired a transgender african american female with a degree in socialism and said it was racist and against women if you didn't call xe a cyber security expert.
everyone is having trouble recruiting security experts.
Just look at the impressive people they hired! Wouldn't you be scared if you were a hacker?
All it is about anymore. Appearances. No substance.
At least, I never hear the word used in association with securing data, networks, servers, etc. But maybe the companies I work for are all weird or something?
--- wad
I'll bet that group is "correctly" gender and racially balanced.
Nothing new here! It is typical government bullshit: Put friends and family in charge, regardless of the potential to further break a system!
HEAR THIS: It is IMPERATIVE that fully qualified people need to run regulatory, or ANY other, agencies.
Non-qualified persons in a job ALWAYS make matters worse. Period.
Just because you are an activist does NOT make you qualified! You are likely just looking for a bandwagon to jump on. GET THE FACTS, PLEASE!
Self-importance and self-indulgence is the root of ALL evil.