If you asked Jackson Pollock to do a painting representing government computer security, it would look just like every other Jackson Pollock painting.
Stderr
All the unbuffered error messages
If you asked Jackson Pollock to do a painting representing government computer security, it would look just like every other Jackson Pollock painting.
Now that I’m retired, I try hard not to be the guy who stands in the back of the room and shouts “You kids get offa my lawn!” but I have to admit that I often feel that computer security (as a field, in general) has gone horribly out of control and is thumping through the rough terrain and weeds while the driver, who lacks vision, keeps grasping for simple solutions to what is really a complex problem involving strategy, economics, and skepticism.
Parler is a security disaster in progress.
The surveillance state has spent billions and billions of dollars building massive monitoring and data back-haul capabilities, with “fusion centers” that automate analytics and run pre-planned searches for stuff.
This one is mind-bogglingly stupid. But the story serves as a good example of what I mean when I say that computer security can only get so good, because the whole ecosystem is so thoroughly undermined that any effort to secure it can be over-topped by the attackers, with minimal additional effort.
This may be a bit scatter-shot; there’s a lot to cover, and I’m going to try to fold in some answers to comments on my previous posting on the topic. [stderr] I also want to predict the future, so I can say “I told you so!” when it happens.
To be frank, cybersecurity pisses me off so much whenever I think about it, that it’s almost painful to write about. But the questions are interesting and worthy of respect.
Some mornings, when your alarm clock fires off, you just roll over and slap the “snooze” button. If you do that long enough, you can get quite good at it; there have been mornings when I hit the “snooze” button 15 or more times in a row, pushing back my wake-up time by as much as 2 hours. I used to know someone who claimed that they could sleep-walk through their morning status meeting, effectively grabbing several extra hours of sleep.
In my recent posting on Cyberpunk, Commentariat(tm) Agent LykeX decided to call my bluff [stderr] regarding the question of gamifying hacking/cyberwar in a semi-realistic manner. So, in order to better explain the topic, I have arranged for the federal government to horribly face-plant its entire security strategy by suffering a devastating transitive trust attack. Seriously, the timing is remarkable.
The last month has been eye-opening, indeed. Already a non-fan of representative democracy, I’ve learned that I was insufficiently cynical – when you have a system that has been designed to be corrupt, it’s rife with holes to allow corruption; such a system cannot withstand adverse gamespersonship. It is built-in.
Are you tired of this stuff? I’m sick of it, personally. It’s depressing. I feel like I’ve been wandering around blissfully ignoring how horrible nearly half of my fellow citizens and neighbors happen to be. To be fair, since I live in deep “Trump country” it’s more than half. What’s wrong with these people? [I actually have a fairly good idea but we don’t have time or inclination to do a class analysis of American history]
I suspect this is not the first such incident, but it’s the first that anyone has been willing to cop to. I also suspect that, somewhere, a lawyer is screaming, “NO SHUT UP YOU IDIOT!”