Truth About Computer Security Hysteria
And now for something completely differentRob Rosenberger, Vmyths co-founder
Wednesday, 16 May 2001 I DESCRIBE THE antivirus industry these days as a "Fifth Column." But the industry doesn't like it when I point out their involvement in Chinese military cyberwar efforts. I don't want to offend my best-est friends, so I won't go there.
FBI mishandled the worst act of domestic terrorism thanks to computer incompetence. This same agency wants you to believe they can protect America from computer threats...President Bush's infowar czar, Richard Clarke, toned down his "digital Pearl Harbor" rhetoric after The China Syndrome came to light. I want to talk about the embarrassing lull in White House fearmongering, but it would hurt my chances of getting invited back to the nation's capitol. So, I won't go there either. (By the way, Ricky — why did you turn down Trend Micro's job offer?) Even the media doesn't seem to care about the really great computer security scoops. I sound like a broken record in my columns and I wind up hurting my best-est friends' egos & stock options. The industry is right: I should rant about something else for a change. Hmmm... Hey, I know! Let's talk about death row subscriber Timothy McVeigh. His crime has nothing to do with computer viruses, and I doubt he'll read my column before his subscription expires. An MSNBC story notes "government officials blamed [FBI's] failure to disclose [thousands of Oklahoma City bombing] documents on a sloppy computer system that was the subject of warnings as long ago as 1999." Danny Defenbaugh (the bombing investigation G-man-ager) admits in a spin control press release his team noticed "some of the materials from various FBI field offices were not a part of the investigative database" when they finally exercised "due diligence" 5.5 years after the crime. If I could sum it up in one sentence, I'd say "FBI mishandled the worst act of domestic terrorism thanks to computer incompetence." A man who confesses to the crime, who refuses to apologize, who wants the death sentence, and who wants a speedy end, will not meet Satan as originally scheduled — because the FBI relies on screwy dewey decimal software. What does the "I" stand for in FBI, anyway? We can't even trust our Keystone Kops to put down a rabid sitting duck like McVeigh. "Take careful aim... Squeeeeeze the trigger... Agh! You shot the legal system!" Let this be a lesson to the next pustule who tries to deliver his own head on a silver platter: FBI may spoil your plans by snatching defeat from the jaws of victory. FBI may be as blind as Lady Justice, but guess what? They want more funding so they can protect America from computer terrorism. Heaven help us.
THE NATIONAL INTERNET Protec-- oops, let me start over. The National Infrastructure Protection Center (FBI NIPC) guards the Internet from hackers & Trojans & viruses, oh my. (Their charter tells them to do something else, but they ignore it for political reasons.) Sadly, FBI screws up in the realm of cyber-terrorism much worse than they screw up in the realm of physical terrorism.
FBI screws up in cyber-terrorism much worse than they screw up in physical terrorism. But let's give the feds some credit: they catch traditional terrorists. They've not yet caught an Internet warlord...I swear: Defenbaugh looks like Elliot Ness when compared to the history of mis-management at FBI NIPC. Okay, okay, let's give Defenbaugh some credit. His team actually caught a terrorist. FBI NIPC hasn't tracked down a single Internet warlord to date. J. Edgar Hoover's cyber agents — not to be confused with special agents who carry guns — trivialize Timothy McVeigh's crime by comparing him to an annoying teen hacker and his two teen protégés. FBI NIPC also equates those three bored kids with Unabomber Ted Kaczynski. (I don't make these claims lightly. Watch their bizarre video about cyber-teens if you don't believe me.) FBI wants to guard America's electrons? Bah. I'd place my network in the hands of the Sponge Awareness Foundation before I'd entrust it to Mulder & Scul-- oops! Timothy McVeigh led me to a computer security controversy. Who would've guessed? I offer sincere apologies to my best-est friends. Crud. What can we talk about, if not controversial computer security issues? Hey, I know! Let's talk about California's rolling blackou-- nope, forget it. Clarke describes the horrifying prospect of rolling blackouts in his "digital Pearl Harbor" scenarios. Or at least he used to describe it as a horrifying prospect. Why Clarke stopped fearing rolling blackouts, I don't know. (FBI NIPC should arrest these Internet warlords for launching denial-of-service attacks against California's computer users. But let's not digress.) Hmmm... Let's talk about agriculture instead. I live in a state where you can actually watch the corn grow. One of my senators, Charles Grassley (R-IA), predicts farm yields this year wil-- oops! Grassley sits on FBI NIPC's oversight committee and he expressed outrage over the McVeigh screwup. I might impact the agency's cyber-budget if Grassley learns I'm a constituent. Crud, there I go again. I keep offending my best-est friends by pointing out their controversies. Okay, let's talk about the demise of Perry Como. Post offices and rest stops lowered flags to half-staff for the baritone crooner who-- oops, did I mention the U.S. Postal Service? We definitely don't want to go there. Let's end today's column before I offend anyone else...