Re: whitehouse cyber strategy review

[Rich Kulawiec <rsk () gsp org>]

On Sat, Nov 14, 2009 at 08:13:03PM +0200, Gadi Evron wrote:
> Is it me or is the new Whitehouse cyber security document just b/s of 
> more cooperation yet again?


Most disappointingly, it is.  The entrenched interests in various
branches of government are a major obstacle to any attempt to improve
security, because they're loathe to learn anything, change anything,
consider anything, or (horrors!) admit anything's wrong.

What's needed isn't a czar, it's a dictator empowered to ram it
down their throats, because that's the only way anything remotely
effective will ever get done.  I generously volunteer myself,
and my first command unto to my cringing lackeys shall be:

        Don't run Windows, morons.

While I'm being facetious (I have minions, not lackeys), this single change
would do far more for federal IT security than everything that's been done
to date combined.

Which is of course why it will be instantly dismissed.  As will everything
else that has a fighting chance of working. Instead, there will be committees,
and initiatives, and studies, and policies, and all kinds of drivel that in
the end will achieve little of value.  Lots of money will be spent,
speeches will be given, and in the end there will be (once again)
massive Fail accompanied by the obligatory key phrase that belongs
in every breach admission: "Nobody could have foreseen..."

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.