Re: [ISN] CIO pushes network-centric warfare

From: InfoSec News (isnat_private)
Date: Wed Aug 29 2001 - 22:41:44 PDT

Next message: InfoSec News: "[ISN] Researchers discover new method of stealth computing"

Previous message: InfoSec News: "[ISN] How do you fix a leaky Net?"
Maybe in reply to: InfoSec News: "[ISN] CIO pushes network-centric warfare"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Dave Dittrich <dittrichat_private>

> It will mean that "anybody can get any information at any time,"
> Stenbit said in a meeting with reporters Aug. 24. He took over the
> CIO post Aug. 7.
>  . . .
> Finally, Stenbit said he is going to focus on the reliability of
> information systems. "Once we start depending upon them, wed better
> make sure theyre there," he said.

I'm glad to hear that he is at least saying up front that reliance on
digital information for targetting is a huge potential risk. Consider
what would happen if your enemy can change GPS data or targeting
sensor data to make your systems think THEIR capitol city is really
YOUR capitol city!  "Identify friend or foe" doesn't work when your
sensor data can be made to lie about who "foe" is.

> Overall, he said that information technology can help free up
> money from the non-fighting arm of the military, thereby making
> more money available for force structure and modernization.

This part scares me.  I believe that this is one of the fundamental
problems with the dot-gone economy, where C{TIE}O's consider their
application of technology to "free up money" that can be spent
elsewhere (e.g., huge travel budgets, huge executive signing bonuses
and golden parachutes, huge executive salaries, a larger emphasis on
marketing above engineering, etc.)

I believe that the flaw in the logic here is that the application of
technology ITSELF comes with hidden costs (in the form of security
needs), and does not have nearly the effect on "freeing money" that
non-technical and overly optimistic CIOs believe.  The end result is
that risk exposure is increased, preventative measures and sound
engineering (which include security from step one) do not take place,
and the legal system is used as a band-aid to cover up the hemoraging
that results.

--
Dave Dittrich                           Computing & Communications
dittrichat_private             University Computing Services
http://staff.washington.edu/dittrich    University of Washington

PGP key      http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint  FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] Researchers discover new method of stealth computing"
Previous message: InfoSec News: "[ISN] How do you fix a leaky Net?"
Maybe in reply to: InfoSec News: "[ISN] CIO pushes network-centric warfare"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 30 2001 - 01:14:48 PDT