Re: [ISN] Lieberman blasts Bush cybersecurity plan

From: InfoSec News (isn@private)
Date: Fri Mar 26 2004 - 00:35:00 PST

  • Next message: security curmudgeon: "[ISN] Open Source Vulnerability Database Opens for Public Access"

    Forwarded from: blitz <blitz@private>
    
    But its the political season, and everyone is out from under their
    rock, bemoaning anything that will give their candidate an edge.
    
    Obviously, the goverment shouldn't be in the software assurance
    business, that is unless you're for a complete micro-management of
    life as it exists on this planet by big brother. (Obviously, some like
    Lieberman are for this) The government wasn't able to protect us 9.11,
    and today even in places where we have copious amounts of government
    troops, well armed and backed up by a large military contingent we
    still have random acts of attack and terror.
    
    Now post 9.11, the agencies who failed us are given promotions, and
    huge budget increases. So much for encouragement and rewarding
    competence.. And just WHO does Lieberman think would be qualified to
    "assure" that software? The NIST? The FCC? The department of
    Tree-hugging weirdness? No, obviously this is a call for another huge
    bureaucracy, the "Department of Software Assurance" perhaps?
    
    Following current practice, once authorized, all the jobs will be
    offshored to India, where the people who break our software in the
    first place and steal our jobs will have a second go around at it,
    "assuring" the software will always be broke and the DSA (Department
    of Software Assurance) will have plenty political jobs to hand out.
    
    
    > <snipped>
    >
    > > The 22-page letter criticized DHS officials' performance and asked
    > > 57 questions covering areas such as what DHS is doing about
    > > reducing software vulnerabilities, and plans for continuity and
    > > contingency planning.
    >
    ></snipped>
    >
    > Since when is the government in the business of righting software?  
    > How do they reduce software vulnerabilities? I don't understand how
    > DHS can deal with these issues. The most they can do is increase the
    > standards, and institute a reliable mechanism of enforcing the
    > standards. There certainly have been more security auditing and
    > expectations in a post 9/11 government. I don't know what it has
    > bought us, but the government is more acutely aware of the issues.
    
    
    
    
    _______________________________________________
    isn mailing list
    isn@private
    http://www.attrition.org/mailman/listinfo/isn
    



    This archive was generated by hypermail 2b30 : Fri Mar 26 2004 - 03:40:05 PST