Forwarded From: <anonymous> > NEW YORK (CNNfn) - Seven hackers from Boston shook up a Senate committee > hearing Tuesday by boasting that computer security is so lax, they could > take down the entire Internet in half an hour. Given the skills of the members of l0pht, I would not be at all surprised. > And the General Accounting Office chimed in with a pair of reports on the > woeful state of computer security at the Federal Aviation Administration and > the State Department. Given the lack of respect (and pay) that the government shows its sysadmins, I am not at all surprised. With the mandate from the President and Congress, all government institutions are forced to downsize. But rather than rid themselves of largely useless middle management, the first group the government institutions have targeted for the axe are the system administrators. Out of sight, out of mind. And now they wonder why security is so piss-poor? Time for the government to get a clue! > "Unfortunately, government agencies are ill-prepared to address the > situation," he added. And the sun rose in the East this morning, too. I swear, the Government is good at making observations that are (1) already painfully obvious, and (2) practically worthless. > The State Department got slightly better marks. Only because they have to deal with International Traffic in Arms Regulations (ITAR). What is disturbing is that they are only "slightly better." And judging from the depth of the penetration, that "slightly" doesn't amount to jack. > But Ira Winkler, president of Information Security Advisers, a computer > security consultancy, cautioned, "These are not your average hackers. > They're highly skilled people who try to find holes in commercial software." > > "They're the ones finding the latest hack for the Web, instead of finding > the latest hack on the Web," Winkler said. "There's a big difference." And this discounts the L0pht's observations *how*? What's the relevance of Winkler's comments here? > Although the session was heavy on possible dangers, it was light on > solutions. Because it would require the government to radically rethink their approach to security. The government is not known for taking bold initiatives; especially when old fogeys who don't even _use_ computers are at the helm. > Sen. Thompson noted, "We, as a nation, cannot wait for the Pearl Harbor of > the information age. We must increase our vigilance to tackle this problem > before we are hit with a surprise attack." And that vigilance can only be through heightened genuine security; not through this nonsensical application of useless laws that frighten only the rank amateur. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:06 PDT