Re: [ISN] Lieberman blasts Bush cybersecurity plan

• Previous message: InfoSec News: "[ISN] Microsoft program: 'You patch, we pay'"
• Maybe in reply to: InfoSec News: "[ISN] Lieberman blasts Bush cybersecurity plan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: blitz <blitz@private>

But its the political season, and everyone is out from under their
rock, bemoaning anything that will give their candidate an edge.

Obviously, the goverment shouldn't be in the software assurance
business, that is unless you're for a complete micro-management of
life as it exists on this planet by big brother. (Obviously, some like
Lieberman are for this) The government wasn't able to protect us 9.11,
and today even in places where we have copious amounts of government
troops, well armed and backed up by a large military contingent we
still have random acts of attack and terror.

Now post 9.11, the agencies who failed us are given promotions, and
huge budget increases. So much for encouragement and rewarding
competence.. And just WHO does Lieberman think would be qualified to
"assure" that software? The NIST? The FCC? The department of
Tree-hugging weirdness? No, obviously this is a call for another huge
bureaucracy, the "Department of Software Assurance" perhaps?

Following current practice, once authorized, all the jobs will be
offshored to India, where the people who break our software in the
first place and steal our jobs will have a second go around at it,
"assuring" the software will always be broke and the DSA (Department
of Software Assurance) will have plenty political jobs to hand out.


> <snipped>
>
> > The 22-page letter criticized DHS officials' performance and asked
> > 57 questions covering areas such as what DHS is doing about
> > reducing software vulnerabilities, and plans for continuity and
> > contingency planning.
>
></snipped>
>
> Since when is the government in the business of righting software?  
> How do they reduce software vulnerabilities? I don't understand how
> DHS can deal with these issues. The most they can do is increase the
> standards, and institute a reliable mechanism of enforcing the
> standards. There certainly have been more security auditing and
> expectations in a post 9/11 government. I don't know what it has
> bought us, but the government is more acutely aware of the issues.




_______________________________________________
isn mailing list
isn@private
http://www.attrition.org/mailman/listinfo/isn

• Next message: security curmudgeon: "[ISN] Open Source Vulnerability Database Opens for Public Access"
• Previous message: InfoSec News: "[ISN] Microsoft program: 'You patch, we pay'"
• Maybe in reply to: InfoSec News: "[ISN] Lieberman blasts Bush cybersecurity plan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 26 2004 - 03:40:05 PST