May 29, 2009
Cyberspace Policy Review - Assuring a Trusted and Resilient Information and Communications Infrastructure
White House: Securing Our Digital Future, Melissa Hathaway, Cybersecurity Chief at the National Security Council, discusses securing our nation's digital future.
Cyberspace Policy Review - Assuring a Trusted and Resilient Information and Communications Infrastructure, May 29, 2009: "The President directed a 60-day, comprehensive, “clean-slate” review to assess U.S. policies and structures for cybersecurity. Cybersecurity policy includes strategy, policy, and standards regarding the security of and operations in cyberspace, and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure. The scope does not include other information and communications policy unrelated to national security or securing the infrastructure. The review team of government cybersecurity experts engaged and received input from a broad cross-section of industry, academia, the civil liberties and privacy communities, State governments, international partners, and the Legislative and Executive Branches. This paper summarizes the review team’s conclusions and outlines the beginning of the way forward towards a reliable, resilient, trustworthy digital infrastructure for the future."
Related / Reaction
Who Would Want To Be Obama's Cybersecurity Czar?
Posted by Soulskill on Friday May 29, @07:24PM from the fine-i'll-do-it dept. Security Government United States IT
"President Obama is expected to name a new cybersecurity czar sometime soon. This person will be charged with defending the digital boards from attack by hostile nation-states and terrorist organizations. But the question Larry Walsh asks is: Who really wants the job? The previous three people who held the post barely made a dent in solving the security problems. Government bureaucracy and private sector resistance make it nearly impossible to find any measure of meaningful success in this job, he writes."
Reader eatcajun contributes a related link to the long-awaited US cyberspace policy review.
Related If the issue hasn't been “Claimed” by one party or another, you really can't tell them (politicians) appart.
A cybersecurity quiz: Can you tell Obama from Bush?
by Declan McCullagh May 29, 2009 12:19 PM PDT
The U.S. president has announced a comprehensive cybersecurity strategy for the federal government, saying Internet-based threats have risen "dramatically" and the country "must act to reduce our vulnerabilities."
A 76-page White House document calls for a new way of looking at Internet and computer security, saying that private-public partnerships are necessary, collaboration with international organizations will be vital, and privacy and civil liberties must be respected in the process.
Sound familiar? The year was 2003, and the president was George W. Bush, who wrote the introduction to what he called a "National Strategy to Secure Cyberspace."
On Friday, President Obama announced his 76-page "Cyberspace Policy Review"--with precisely the same number of pages [Significant? Ask a numerologist! Bob] as his predecessor's--at an event at the White House.
While the Bush document discusses centralizing cybersecurity responsibilities in the Department of Homeland Security and the Obama document shifts them to the White House, the two reports are remarkably similar. Perhaps this should be no surprise: Obama selected Melissa Hathaway, who worked for the director of national intelligence in the Bush administration and was director of an Bush-era "Cyber Task Force," to conduct the review.
To test your political acumen, we've taken excerpts from both and placed them side by side in the following chart. Can you tell which quotations come from which administration? (An answer key is at the end.)
Who in the organization says, “Let's lie!” Lots of questions here. Was this a laptop used at a fixed location? Why were Social Security numbers logged here?
Recovered UAMS computer held worker data
The Arkansas Democrat-Gazette reports that Lawrence Nichols, a former University of Arkansas for Medical Sciences housekeeping employee, has been charged in the theft of a computer that contained personal information of thousands of current and former employees. The theft occurred May 18th.
The computer was used to make identification badges [typically this function is performed by the security department. If they couldn't protect the computer, who could? Bob] for UAMS employees, students and contractors, and contained names and Social Security numbers. …. It’s estimated the computer was used to make about 50,000 badges, but some of those were to the same individuals because of lost badges or name changes, Taylor said. It didn’t contain contractors’ Social Security numbers because they aren’t UAMS employees.
UAMS information technology staff members examined the computer and determined no one accessed the numbers. [There is no way to confirm that data was not accessed. Bob] However, as a precaution, UAMS officials have sent the computer for an additional examination by Kroll Ontrack, a company that specializes in computer forensic testing “just to confirm that there was no breach,” Taylor said.
What is to come.
Supreme Court Nominee Sotomayor's Cyberlaw Record
Posted by ScuttleMonkey on Friday May 29, @04:27PM from the yes-but-does-she-know-what-she-is-talking-about dept. The Courts Politics
Hugh Pickens writes
"Thomas O'Toole writes that President Obama's choice for Associate Supreme Court Justice, Sonia Sotomayor, authored several cyberlaw opinions regarding online contracting law, domain names, and computer privacy while on the Second Circuit. Judge Sotomayor wrote the court's 2002 opinion in Specht v. Netscape Communications Corp., an important online contracting case. In Specht, the Second Circuit declined to enforce contract terms (PDF) that were available behind a hyperlink that could only be seen by scrolling down on a Web page. 'We are not persuaded that a reasonably prudent offeree in these circumstances would have known of the existence of license terms,' wrote Sotomayor. Judge Sotomayor wrote an opinion in a domain name case, Storey v. Cello Holdings LLC in 2003 that held that an adverse outcome in an administrative proceeding under the Uniform Domain Name Dispute Resolution Policy did not preclude a later-initiated federal suit (PDF) brought under the Anticybersquatting Consumer Protection Act (ACPA). In Leventhal v. Knapek, a privacy case, Judge Sotomayor wrote for the Second Circuit that New York state agency officials and investigators did not violate a state employee's Fourth Amendment rights when they searched the contents of his office computer (PDF) for evidence of unauthorized use of state equipment. While none of these cases may mean much as far as what Judge Sotomayor will do as an Associate Supreme Court Justice 'if confirmed, she will be the first justice who has written cyberlaw-related opinions before joining the court,' writes O'Toole."
“Stupid is as stupid does.” F Gump
Data backup service leads to recovery of stolen laptop
by Elinor Mills May 29, 2009 4:44 PM PDT
… A Berkeley, Calif., man recently recovered his stolen laptop after seeing photos the thief took of himself with the built-in camera via his Internet-based data backup program.
That's according to a police officer's article in an e-mail newsletter from Berkeley City Councilmember Susan Wengraf that was posted to the Web by open-source advocate Bruce Perens.
… Detectives working the case were shown the photos and recognized the man, who had been released from jail earlier in the year. They noticed that in the photos he appeared to be in a motel room and began trying to track down the IP address used by the laptop hoping that it would lead to the motel.
Before that could be accomplished, however, the detectives spotted the man [No doubt using the new photograph Bob] getting into a car in a motel parking lot in Oakland and arrested him.
Perhaps this is something that only non-journalists can do today.
Canada IP battlelines: "plagiarized" report, piracy "guesses"
What sort of research group "plagiarizes" a report advocating for stronger intellectual property laws? And why does the Business Software Alliance give specific percentages for software piracy even in countries where it has done no surveys? A Canadian law professor raised those questions this week—and got results.
By Nate Anderson | Last updated May 29, 2009 11:13 AM CT
… Geist revealed that numerous sections of the Conference Board report were lifted nearly verbatim from an earlier report by the International Intellectual Property Alliance.
You can see how technology evolves to fill all available bandwidth.
Recordr.tv - Video Communication
Do you want to record yourself live so you can share your videos with friends or colleagues? Do you need an application that is very easy to use and that will give you a high quality service? In that case you should stop by Recordr.tv and start learning more about it.
The only thing you need to do in order to take advantage of this online resource is to use a microphone and a web camera. One of the best things about this site is the fact that it is not complicated at all, and allows you to learn how to use the system right away.
For my geek friends. Think of this as the geek version of making your own sword.
Developer Creates DIY 8-Bit CPU
Posted by Soulskill on Saturday May 30, @08:13AM from the now-that's-impressive dept. Hardware Hacking Technology
"Not for the easily distracted: a Belmont software developer's hand-built CPU was featured in Wired recently. Starting with a $50 wire wrap board, Steve Chamberlin built his CPU with 1253 pieces of wire, each wire wrapped by hand at both ends. Chamberlin salvaged parts from '70s and '80s era computers, and the final result is an 8-bit processor with keyboard input, a USB connection, and VGA graphical output. More details are available on the developer's blog."
This could answer a lot of questions...
RegFromApp Monitors & Reports On Registry Changes Instantly
May. 29th, 2009 By Karl L. Gechlik
… this little NirSoft portable application can watch and report what changes your new applications or even Windows is making to your registry.
Another tool for staying current
Download Junkies, Update Your System With RadarSync
May. 29th, 2009 By Tim Watson
… RadarSync scans your Windows system for programs which may need updating.
… I was pleasantly surprised by the number of programs the scanner recognized, including system drivers.