Truth About Computer Security Hysteria
Thursday, 11 October 2001
CONGRESSMAN SHERWOOD BOEHLERT (R-NY) chaired a "cybersecurity" hearing the other day. "What legislation and other steps are needed to increase the focus on computer security?" he asked. "We want to focus on real, concrete problems and develop specific solutions."
I hope he didn't ask it rhetorically. If he did, then you can skip the rest of my column.
First of all, Congress could stop stacking their hearings with fearmongers & computer security vendors. I mean, c'mon — how many times has a computer security critic testified on Capitol Hill? You could count them all on a single hand and you'd have five fingers left over.
Second, Congress could start facing some bitter realities. For example, our vaunted U.S. military:
If Congress wants to focus on "real, concrete problems" in computer security, they could start by letting a critic testify at a hearing...
And that's just our vaunted U.S. military! I describe many other bitter realities in my columns.
Congress doesn't yet want to focus on "real, concrete problems" in the computer security world. They'll never "develop specific solutions" until the day they start getting real. Congress can't start getting real if they dismiss criticism as a politically incorrect viewpoint.
Of course, this same Congress once called three Hollywood actresses to testify on the plight of midwestern farming women. I shouldn't complain just because they stack witnesses in a computer security hearing.
So ... when will Congress start getting real about anything?
- will run like a helpless damsel to the antivirus industry if a "virus war" breaks out;
- gives millions of dollars each year to turncoats who supply virus technology to the Chinese government;
- regularly self-cripples its global command & control networks as a precaution;
- remains vulnerable to any wannabee who wants to cripple their global command & control networks;
- doesn't care enough to demand a secure operating system in its PC contracts;
- suffers virus outbreaks as a result of their addiction to inferior antivirus technologies; and
- deletes its virus outbreak data every single day of the week.