http://www.wired.com/news/politics/0,1283,47479,00.html By Declan McCullagh and Ben Polen 2:00 a.m. Oct. 11, 2001 PDT WASHINGTON -- Worried about the threat of terrorists-turned-hackers, members of a House panel spent Wednesday puzzling over how Congress could improve computer security. "What legislative and other steps are needed to increase the focus on computer security?" Rep. Sherwood Boehlert (R-New York), chairman of the House Science committee, asked at a "cybersecurity" hearing. Boehlert added: "We want to focus on real, concrete problems and develop specific solutions." In truth, there's not much that Congress can do: America's computer security is in the hands of geeks more inclined to read Slashdot than the Federal Register. Because security relies on technologies like firewalls and bug fixes, the government's role has been limited to indirect mechanisms like tax cuts and federal grants. Politicians may not know the difference between a byte and a nibble, but they are experts in spending money. And during the aftermath of the deadly Sept. 11 attacks, legislators seem willing to sign unusually fat checks. "No federal funding agency has assumed responsibility for supporting basic research in this area -- not DARPA, not the NSF, not the Department of Energy, not the NSA," complained William Wulf, a professor of engineering and applied science at the University of Virginia who testified at the hearing. Wulf was referring to the Defense Advanced Research Projects Agency, the National Science Foundation and the National Security Agency. Wulf said that it wasn't a temporary budget increase that was necessary -- but a permanent one. "Don't think it's an issue of a lot of money but some type of guarantee of long-term money," he said. While the Sept. 11 hijackers did use the Internet to book airplane tickets, according to police reports, there's no public evidence that they or accused mastermind Osama bin Laden ever planned on attacking websites. But even in the absence of evidence, politicians are doing anything they can to increase security in all aspects of American life. The National Science Foundation already has a scholarship program that pays for two years of computer science university education in exchange for two years of federal service after graduation. But Eugene Spafford, professor of computer science at Purdue University, said his school had unfilled slots for the program. Spafford said his students are more attracted to the corporate world where "they get paid higher salaries for doing the same work." Another idea, offered by Terry Benzel, a vice president at Network Associates, was for the feds to create a program for "more senior and experienced people to rotate in, who have an understanding of the contributions we can make." Benzel suggested that the newly created Office of Homeland Security should be responsible. "We need a new organization which can benefit from some of the best and brightest," he said. "Coordination is difficult and setting an agenda and road map will require significant investment. It would be a good task to assign to the Office of Homeland Security." Rep. Vernon Ehlers (R-Michigan) offered his own suggestion for improving America's computer security: Use a Mac. "I own a Macintosh. I got through Y2K -- I didn't even think about it. And I've never had any problems with viruses. Maybe there's a lesson to be learned." Separately on Wednesday, President Bush's new cyberspace security adviser announced plans for a secure network for government use. Richard Clarke said the network would be called GOVNET -- and would not be connected to the Internet because of the hacker-terrorist threat. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Oct 12 2001 - 06:33:45 PDT