1. 16

Can anyone with a background in cybersecurity share their thoughts on this?


  2. 4

    The part I have heard highlighted as being particularly worrisome is Sec 7(d), which ties together STEM education and the department of defense.

    1. 1

      I don’t think it is malicious? I read it as just “we need to make sure we educate our future workers with skills that will actually be relevant in the future”.

    2. 3

      Sec 6: Review of Cyber Adversaries, subsection C: contains the word identities.

      Sec 2: Findings, subsection A: contains the word criminals.

      If you think of yourself as a hacker, now would be a good time to tell your mom. You know, so she’ll not be inclined to support rounding up all the hackers. ‘Cause that would be embarrassing, eh?

      1. 1

        I seem to recall hearing the phrase “really bad dudes” somewhere recently…

      2. 2

        It seems pretty standard. Appears to be calling for a review by senior administration officials of critical infrastructure.

        1. 5

          They define “critical infrastructure” in broad terms.

          The term “critical infrastructure” means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

          Is Twitter, or Facebook something that could have debilitating impact? I mean, if Trump’s account were to be hacked, presumably one could do a ton of damage. My lizard brain is starting to think that this is overly broad, and might be used to strong arm companies into complying with gag ordered “monitoring,” a.k.a. spying–Prism style. But, IANAL, nor am I an expert on government spying and such. I do know that this administration doesn’t seem to give a shit about the law, and does whatever it feels like even with Federal level Judgements, in the name of “national security.”

          1. 4

            Be fair. The last couple administrations didn’t always give a shit about a law and did whatever it felt like in the name of nation security, too. Long before this administration (which has been in power for only 10 days), we got the Patriot Act and Prism and gag orders, etc.

            I also feel this is pretty standard. Form some committees, review what’s going on, make recommendations on what to do. The results of those committee findings and the actions that follow is where people will need to pay attention.

            1. 4

              I’m certainly not giving anyone a pass here. I understand that “national security” plays an important part in all Administrations. That doesn’t mean we shouldn’t question what seems like overly broad wording.

              “We need to excise a tax on bubble gum.” “Why?” “National Security.” “OH, OK! Gotta keep us safe.”

              1. 3

                Yeah, a lot depends on whether the committees end up having competent people on them. Government infrastructure is vast, and just enumerating it is a huge challenge. Securing it to an acceptable level could take years and years, even with good people at the top. It will be very tempting to believe the snake oil sellers, I hope they manage to avoid that.

                1. 2

                  Yeah, a lot depends on whether the committees end up having competent people on them.

                  And Trump has shown us that he’s all about picking the best person for the job, and not political cronies that know how to stroke his ego.

          2. 2

            Missing law.

            1. 0