RE: [iwar] [fc:Cybersecurity.A.Top.Priority:.White.House.Adviser. Presses.Computer.Industry.to.Do.More]

From: e.r. (fastflyer28@yahoo.com)
Date: 2002-02-15 12:09:51


Return-Path: <sentto-279987-4478-1013803792-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 15 Feb 2002 12:12:09 -0800 (PST)
Received: (qmail 10499 invoked by uid 510); 15 Feb 2002 20:10:05 -0000
Received: from n20.groups.yahoo.com (216.115.96.70) by all.net with SMTP; 15 Feb 2002 20:10:05 -0000
X-eGroups-Return: sentto-279987-4478-1013803792-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.166] by n20.groups.yahoo.com with NNFMP; 15 Feb 2002 19:57:21 -0000
X-Sender: fastflyer28@yahoo.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-8_0_2); 15 Feb 2002 20:09:51 -0000
Received: (qmail 5412 invoked from network); 15 Feb 2002 20:09:51 -0000
Received: from unknown (216.115.97.167) by m12.grp.snv.yahoo.com with QMQP; 15 Feb 2002 20:09:51 -0000
Received: from unknown (HELO web14505.mail.yahoo.com) (216.136.224.68) by mta1.grp.snv.yahoo.com with SMTP; 15 Feb 2002 20:09:51 -0000
Message-ID: <20020215200951.50384.qmail@web14505.mail.yahoo.com>
Received: from [12.78.123.122] by web14505.mail.yahoo.com via HTTP; Fri, 15 Feb 2002 12:09:51 PST
To: iwar@yahoogroups.com
In-Reply-To: <72222DC86846D411ABD300A0C9EB08A1079C3372@csoc-mail-box.csoconline.com>
From: "e.r." <fastflyer28@yahoo.com>
X-Yahoo-Profile: fastflyer28
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 15 Feb 2002 12:09:51 -0800 (PST)
Subject: RE: [iwar] [fc:Cybersecurity.A.Top.Priority:.White.House.Adviser. Presses.Computer.Industry.to.Do.More]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Agreed.  Bill will figure out a way to make us pay him more money-with
licenses and annual upkeep.  He has been at his Country Clun too often.
As for Larry, well.. he will do well in the merica's Cup.  I will not
go any further.  All of these guys have egos the size of Montana so we,
the great uswashed will suffer along.  I hope these boys are enjoying
it at out expense.  Someone should be.
--- "Leo, Ross" <Ross.Leo@csoconline.com> wrote:
> All I can say is:
> 
> 1.  Hooray Bill!  At least you are being realistic by saying "less
> vulnerable...".  We won't hold our breath, but we will wait and see.
> 
> 2.  Once again Larry Ellison grandiloquently pledges the impossible,
> and
> once again won't deliver.  His attention-getting remarks are worse
> than
> boring.  As Anthony Hopkins' character from "The Edge" said "What one
> man
> can do, another can do." With apologies, "What one man can build,
> another
> can break".  At best Oracle will only be improved (which is fine) -
> but
> unbreakable?  Not very realistic.
> 
> 3.  Hooray John!  The light comes on.  Funny how the leader of the
> networking behemoth has only now figured out how fully and completely
> network security and networking configuration/performance are
> fundamentally
> a part of each other such that he is now calling security
> enhancements
> "necessities"!
> 
> This is good news,  at least 2 out of 3 anyway.  However. talk is
> cheap.
> 
> Ross
> 
> 
> 
> 
> -----Original Message-----
> From: Fred Cohen [mailto:fc@all.net]
> Sent: Thursday, February 14, 2002 23:48
> To: iwar@onelist.com
> Subject: [iwar]
>
[fc:Cybersecurity.A.Top.Priority:.White.House.Adviser.Presses.Computer.I
> ndustry.to.Do.More]
> 
> 
> Cybersecurity A Top Priority: White House Adviser Presses Computer
> Industry
> to Do More
> 
> By Ariana Eunjung Cha, Washington Post, 2/10/02
> www.washingtonpost.com
> 
> The unusual announcements from three of the technology industry's
> most
> powerful men came just weeks apart.
> 
> Microsoft Corp. Chairman Bill Gates declared that making his
> company's
> software less vulnerable to security breaches would take precedence
> over
> adding new features. Oracle Corp.'s Larry Ellison pledged to make his
> company's database programs "unbreakable." Cisco Systems Inc.'s John
> Chambers told clients at a private conference that he no longer
> regarded
> security enhancements on equipment that directs traffic across the
> Internet as extras but as necessities.
> 
> The timing of the announcements was no coincidence.
> 
> Directly or indirectly, the statements were influenced by an
> aggressive
> public awareness campaign orchestrated by Richard A. Clarke, who in
> October took on the new job of White House cyberspace security
> adviser.
> In private meetings with chief executives and in speeches at
> conferences, Clarke has pushed companies to commit themselves to
> protecting the online world from attacks by terrorists and other
> nefarious parties.
> 
> "There is . . . a growing consensus in government and industry that
> we
> can no longer continue praising the emperor's new clothes," Clarke
> said
> in an interview this week. "There is a willingness to admit that
> there
> are vulnerabilities and it is not inconceivable that they will be
> used
> against us in a way that could be very damaging to the economy."
> 
> Clarke's push is part of a government-wide effort to improve
> cybersecurity and to better coordinate the efforts of bureaucracies
> and
> corporations.
> 
> Just yesterday, the House passed a bill that would allocate $880
> million
> over five years to computer-security research. And a coalition of
> companies in partnership with the federal government announced a
> National Cybersecurity Campaign to teach home and small-business
> computer users how to safeguard their machines.
> 
> Over the past few months Clarke has drawn up his own ambitious
> agenda,
> which includes:
> 
> * Creating an Underwriters Laboratory-type place to test software
> security.
> 
> * Establishing a priority cell-phone system for law enforcement and
> medical personnel.
> 
> * Creating a "reverse 911," or multimedia emergency broadcasting
> service, to send alerts to people in specific areas on land lines,
> cell
> phones or computers.
> 
> * Establishing ties with cybersecurity experts in other countries to
> coordinate investigations.
> 
> * Setting up a government-run Internet called GovNet.
> 
> Clarke successfully lobbied for an increase from $2.7 billion in
> fiscal
> year 2002 to $4 billion in 2003 for government-computer security.
> 
> His office has created task forces of major Internet service
> providers,
> router manufacturers and security experts in and out of government to
> develop a plan to protect the basic infrastructure of the Internet.
> Their proposals are due in April.
> 
> Clarke is still assembling a staff. He has filled only half of the 16
> jobs.
> 
> The staff so far is a mix of national security officials, businessmen
> and technical geeks. Howard Schmidt, the former head of computer
> security for Microsoft, started in late January as Clarke's deputy.
> Roger Cressey, a career public servant who has worked on
> anti-terrorism
> efforts in Israel, Somalia and the Balkans, is the chief of staff.
> 
> Also in the office are Paul Kurtz, a longtime National Security
> Council
> staffer specializing in international relations; Steve Poizner, a
> former
> Silicon Valley entrepreneur; and Marcus Sachs, a retired army officer
> who is better known for being part an elite group of hackers that
> helped
> the government neutralize the "Code Red" and "Nimda" worms.
> 
> Clarke is emphasizing that government agencies and other interests
> talk
> and share information.
> 
> "I see that office as having its greatest effect by bringing together
> resources that already exist and making them go in the same
> direction,"
> said Allen Paller, director of research for the SANS Institute, a
> computer-security think tank in Bethesda.
> 
> The various government agencies in charge of cybersecurity will come
> together under one roof this month at the old Y2K initiative
> headquarters at 18th and G Street. The Commerce Department's Critical
> Infrastructure Assurance Office and the FBI's National Infrastructure
> Protection Center outreach operations -- two groups known for past
> turf
> battles -- will join Clarke's staff.
> 
> There has already been some awkwardness. While Tom Ridge's Office of
> Homeland Security has taken the lead in issuing alerts about physical
> threats, it has always been the FBI's job to let the public know
> about
> viruses, worms, hacks and other things that threaten the online
> world.
> And the mission of Clarke's office overlaps greatly with the Commerce
> Department's critical infrastructure unit.
> 
> The groups have temporarily resolved the issues by making sure that
> Clarke's office is informed when the FBI issues alerts and by
> appointing
> John Tritak, director of the Commerce Department unit, as a
> high-ranking
> member of the critical infrastructure protection board that Clarke
> oversees.
> 
> Clarke spent much of his first 100 days in office making the rounds
> of
> technology companies. Many corporate executives expected feel-good
> pep
> talks about how government and industry could work hand-in-hand to
> prevent cyber attacks.
> 
> Instead, Clarke and his staff brought binders full of research papers
> raising questions about security vulnerabilities. They were not above
> coaxing or bullying the business officials with threats of regulation
> and appeals to patriotism.
> 
> "No vendor wants to appear like they are not being patriotic or
> responsive to real concerns about security breaches or flaws now and
> I
> think Mr. Clarke is very effective at using that to push them to make
> changes," said Catherine A. Allen, the chief executive of the
> technology
> group for the Financial Services Roundtable, which represents the
> chief
> executives of some of the nation's largest companies.
> 
> Microsoft spokesman Jim Dessler said while the company chose on its
> own
> to redirect its software development efforts, "it came in the
> backdrop
> of an increased emphasis in security that has been put forward by
> those
> in government such as Clarke."
> 
> Mary Ann Davidson, chief security officer at Oracle, said that since
> Sept. 11 federal officials have made many people realize that perhaps
> "the most frightening type of attack is one that's launched in
> cyberspace to bring down our critical infrastructures."
> 
> "To get these companies to put their money where their mouths have
> been
> for years, that is a major victory for his office," said Gilman
> Louie,
> who heads In-Q-Tel, the high-tech venture fund financed by the
> Central
> Intelligence Agency.
> 
> But even as they praise his aggressiveness, some question Clarke's
> priorities.
> 
> His proposal to create GovNet has been criticized by many experts as
> impractical and costly. His partnership approach to get industry to
> do
> things voluntarily has clashed with the opinions of groups such as
> the
> National Academy of Sciences, which recently put out a report that
> said
> new liability laws are the answer.
> 
> Eugene Spafford, director of Purdue University's Center for Education
> and Research in Information Assurance and Security, said Clarke
> should
> spend more of his energy on getting federal computer systems up to
> par.
> 
> "They are starting in the wrong place," Spafford said. "If I were out
> in
> industry I would find it unpersuasive to be told that I have to spend
> a
> lot of money on new security without some indication that government
> has
> done it first."
> 
> 
> ------------------
> http://all.net/ 
> 
> Your use of Yahoo! Groups is subject to
> http://docs.yahoo.com/info/terms/ 
> 
> 


__________________________________________________
Do You Yahoo!?
Got something to say? Say it better with Yahoo! Video Mail 
http://mail.yahoo.com

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST