Comments on: Foreign Policy for Cyber Space

By: Brian B.

Brian B. — Tue, 15 Sep 2009 17:04:55 +0000

Its not just Foreign Policy, there is an entire legal frame-work that needs to be considered.
Cyber is borderless, however the actual and potential impacts are not. This is an area where the US should gently lead rather than act in a unilateral fashion.
The Russians are already calling for an outlawing of offensive cyber weapons, the irony shoul dnot be missed.
The NATO Cooperative Cyber Defence Center of Excellence in Estonia just held their first Legal and Policy Conference to start talking about these issues.
The current status quo is inadequate.

By: gsak

gsak — Fri, 04 Sep 2009 14:51:34 +0000

Yup– good post, Frank.

By: Frank

Frank — Thu, 03 Sep 2009 23:22:08 +0000

It is clear most of you do not get the reports about the new computer viruses, the sharp increase in computer crime(82% is international), the numerous rootkits that emerged this year, and number of malicious web sites Google found via their scans.
The fact is that cyber attacks against businesses and government sites and users are growing by leaps and bounds. You all should do a bit of reading about the current state of security and get the information that makes the subject of this post timely and needed!

By: gsak

gsak — Thu, 03 Sep 2009 20:41:38 +0000

Cenobyte,
Do your employees not communicate with other employees of other companies? And as to PDA-based email, RIM is not the only player.
The best summary is that cybersecurity is often a big compromise between being permissive for the happiness of the employees, and restrictive for the security of the company.

By: Ed

Ed — Thu, 03 Sep 2009 11:26:04 +0000

I think for cyber security we should have our own virus to send back to the attackers that has that picture of hillary show up on their desktop. That would scare anyone from trying to be a hacker again!

By: The Cenobyte

The Cenobyte — Wed, 02 Sep 2009 20:19:14 +0000

When it comes to email (Which was not the major point of my post) I honestly can’t find any of the white papers I have read. However the basic issue is this, almost no one under the age of about 35 uses email at all anymore and users over that age send very few internet email (Mostly enterprise email which is very very different from SMTP) . Most users are switching to or have switched to chat clients, SMS, twitter, blackberry and the like. The number of people that are doing this grows every day, while the number of legitimate email messages (Minus spam obviously) is falling. People have learned that email has issues because it’s so open and easy to exploit and more or less stop using it.
As to enterprise work. I am a VP for enterprise network architecture for a very large US bank. I was until recently was in enterprise security and dealt with security issues day in and day out. 99.99% of our data and network security issues where because of people doing dumb stuff, not computers being compromised.

By: gsak

gsak — Wed, 02 Sep 2009 19:46:22 +0000

Cenobyte, have you ever worked IT in an enterprise Exchange environment? Please give some examples of how most personal “internet” communications are not email.
Spam blocking is better than it used to be, but it is still a problem. Operating System patches take a while to be approved and tested. Social engineering will always be a problem.

By: TDS4S

TDS4S — Wed, 02 Sep 2009 17:42:15 +0000

The thesis sentence seems to be: “Cyber security must be escalated to a top priority of the Obama administration.” I feel obliged to point out that nothing in the article supports that thesis.
The fact that there are 190 million web sites doesn’t do anything to prove that cyber security must be elevated to at top priority. Nor does the fact that 70% of emails are spam. Nor does the fact that there have been numerous warnings of impending cyber threats. Nor does anything else written in the article. You make an assertion that we must prioritize cyber security, but you don’t prove it.
You gotta offer some evidence, Kevin. You can’t just say that “acts of cyber aggression represent the top transnational threat of the 21st Century” and expect me to accept it as truth without any proof. You get a lot of negative comments on this site, Kevin, and one reason is that your articles often consist of one assertion after another with zero proof that any of them are true.
For the next article you write, try a new approach. Instead of making a bunch of speculative assertions that a cyber-terrorism disaster is right around the corner, try making just one plausible assertion. Then prove it. And don’t use random Google-factoids like “there are 140 million blogs on the internet” — use facts that matter. Assert a thesis in the form of: “Cyber-terrorist threat X can cripple America through mechanism Y”. Then present some fact to prove that Threat X exists. Then present facts to prove that Threat X is capable of doing Mechanism Y. Then present facts to prove that Threat Y could, at least in theory, cripple America. Keep in mind that readers won’t accept the idea that even the most successful DOS attack on eBay or Yahoo would cripple America.
Actual threat. Plausible mechanism. Real damage. Proof of each. That would be nice.

By: vfbj Red

vfbj Red — Wed, 02 Sep 2009 12:32:12 +0000

I’m retired and I do not relish the federal Government giving the president the right to suspend free speech. The Internet has become the strongest method of communication. If they control the internet what part of free speech will be controlled next. If government wants to restrict government computerts then so be it but they need to stay away from personal computers unless they are being used to illegally access information whether it is government or financial

By: lim hooi yew

lim hooi yew — Wed, 02 Sep 2009 06:34:14 +0000

i agree men!
Have u not read the news even people without certification also can hack!
Wat u think about it?
even teen can hack C.I.A computer.
It is not something can be prove by paper