FBI Warns of Sweeping Global Threat To US Cybersecurity 134
GovIT Geek writes "The FBI's newly appointed chief of cyber security warned today that 'a couple dozen' countries are eager to hack US government, corporate, and military networks. While he refused to provide country-specific details, FBI Cyber Division Chief Shawn Henry told reporters at a roundtable that cooperation with foreign law enforcement is one of the Bureau's highest priorities and added the United States has had incredible success fostering overseas partnerships."
Dark days of paranoia and spying. (Score:4, Insightful)
Where have I heard that before? Oh yeah [senate.gov].
But the second quote happened at the beginning of a horrible paranoia based on a real external threat. We still have the apparatus of that paranoia, though most of it was outlawed in the late 1970s and the only credible external threat is now our largest trade partner and "most favorable nation." Today we have secret "terrorist" blacklists with more than a million names. Domestic spying, especially web based spying, has jumped to levels that would make the freedom loving senator from Wisconsin angry. Anti-death penalty and peace groups are among those watched. Shame, isn't it?
Shoring up the nation's IT against spying is as easy as dumping the prevalent non free software used by most big dumb companies. This would also save the country hundreds of billions of dollars in licensing fees and other headaches unique to non free software. The problem is that it would make wiretapping very difficult or impossible.
Yay! More Security Theater!!! (Score:5, Insightful)
What... (Score:5, Insightful)
. While he refused to provide country-specific details[...]
He then hinted that an announcement[...]
Henry would not comment in detail[...]
He shied away from commenting[...]
well, he would say that - wouldn't he? (Score:5, Insightful)
Of course he will talk up the threat - that's his job. Since there's no way that these intangibles can ever be measured, he's on pretty secure ground too. If no threats materialise it's because of his vigilance and the skill of his team - not because there were never any real threats to begin with.
If a threat does turn into a real attack - well, he needs more money, powers and curtailed freedoms to ensure it doesn't happen again.
What you all just said... (Score:1, Insightful)
FBI Cyber Division Chief says other countries are trying to hack in to their systems.. if we disband the government we won't have any threat!
We win both ways.. we don't have the paranoid threat of having to deal with terrorists attacking "our government", nor do we have to worry about "our government" attacking us... again.
Was this followed by a request for more money? (Score:3, Insightful)
Nice way to get more budget, "OMG the terrorists are going to control our nukes from their iPhones!!!11!! You must give us lot of money to protect you".
I know there are threats, and I know that a lot needs to be done about them, but this kind of scaremongering is getting boring after nearly a decade.
This is a real problem, there is no need to exaggerate it. You use unsupported hyperbole at your peril, after a while no-one will take you seriously. Especially now, when budgets are under so much scrutiny.
In many ways these financial problems could be great for civil liberties, constructing a surveillance society costs real money. Just take a look at the UK ID scheme, it will cost billions.
Re:Dark days of paranoia and spying. (Score:5, Insightful)
How much farther down this rabbit hole must we go before government whistle blowers become folk heroes? Will our grandchildren hear stories of Babe the blue ox, superman, and joe whistleblower? I hope so.
I hope not! That means that whistle blowers are so rare that they must be celebrated. I hope they are more common than bus drivers.
I'm nervous that he would mention corporate nets (Score:5, Insightful)
The implication of a government person saying we have a problem, is that the government should do something about it. And for the military and other government networks, that's fine.
But why do we ("we" being the government) need to do anything to protect corporate (or any other private) computers? The owner/operators of computers can protect them on their own. Just stop running foreign code.
This isn't like physical security, where, say, IBM can't (and shouldn't have the means) to protect themselves from nuclear ICBM attack. It makes sense to put government in charge of securing the country against certain threats, and that job (if stated broadly enough) is arguably the only reason we need government to exist at all. But cyber-security isn't one of those situations, because individuals and groups can protect themselves, without putting anyone else at risk.
Re:Dark days of paranoia and spying. (Score:5, Insightful)
FOSS software is swiss cheese for security, it's just that not many people eat it and therefore don't realise it has so many holes.
And gross generalisations are always wrong too! Like this one.
It really depends on the project. Most obvious projects to look at: Apache, PGP, Linux, etc. Very widespread adoption, and nothing like 'swiss cheese' in terms of security. FOSS software can be amazingly secure with the right guidance.
Twitter is making gross generalisations too, of course.
A well conceptualised FOSS project can obviously be just as good as any well conceptualised cllosed source project. Popular Open Source projects will be able to have more developers looking over the code though, and are likely to thank people for disclosing security vulnerabilities, and patch them up quickly. Sometimes closed source vendors get really pissed off when people disclose vulnerabilities - even when they've been given a while to get a patch sorted out and have done nothing about it.
Re:Dark days of paranoia and spying. (Score:4, Insightful)
Re:I'm nervous that he would mention corporate net (Score:3, Insightful)
much of our infrastructure is run by private companies.
So, basically privatization leads to nationalization?
Interesting.