> "it seems like there's nothing America can do to defend itself."
We could consider a legal requirement to disclose security breaches. If every firm that failed its customers had to admit it to the market, I would think financial pressure would move us toward more effective security fairly quickly.
It has to be considered that effective security has significant costs financially and non-financially. (An example of a non-financial cost is a overly difficult registration process for a web application that requires long, complex passwords with multiple security questions and answers.)
I was thinking more about the systems for major banks, defense contractors, industry suppliers, etc.
And effective security wasn't meant to imply the best thing you can think of. It would be a huge step forward if more people simply did the things we all know we should be doing: e.g. policies of accounts not having more access than necessary, network security not 100% focused on the firewall, etc.
It would be a huge step forward if more people simply did the things we all know we should be doing...
That's what I mean by "effective security".
Although security breaches at banks should fall under such laws (especially since they have personal identifiable information), I do not believe defense contractors, energy concerns, industrial suppliers, etc, should even acknowledge such breaches simply because of national security.
That stuff doesn't cost all that much more. It's non-trivial, sure. But it's not going to make a huge impact on the bottom line. A demand for it would end up costing enterprise software suppliers quite a bit in one-time costs to clean up their code-bases and standard install practices.
> "I do not believe defense contractors, energy concerns, industrial suppliers, etc, should even acknowledge such breaches simply because of national security."
Perhaps not to the general public, but certainly they should be required to disclose to their clients.
You don't think we hack them? We're far more proficient than they are, the only difference is that Chinese systems are more difficult for your average script kiddie to hack due to the language barrier.
Seems to me like it correlates with economy more than anything else. The best American (and to a lesser extent western european) programmers are making six figure salaries working on world class products and/or getting funding for their own startups. The best Russian and Chinese programmers are doing ... Google Code Jam.
The logical counter-response would be to encourage the sort of unrest present in the "Jasmine Revolution". This would present China with the same sort of dilemma...they might suspect (or even know) that we were stirring up trouble, but would probably be reluctant to go to war over it.
Who said anything about helping them? I was responding to a comment that suggested we had no useful counter-strategy to hacking, since it's difficult to respond to a cyber attack via conventional means. They know this, which is why it's relatively safe for them to engage in targeted hacking of US targets.
China is vulnerable to social unrest, and stirring up that social unrest puts them in a similarly difficult position...it's not something that they'd likely be willing to go to war over, but causes them great inconvenience. Developing/distributing vpn or other software that would bypass the great firewall would be useful here.
The funny part is, that youtube video in TFA, in the first several minutes it's been keep blaming US being the first and lead in cyber offence/defence warfare.
seems like there's nothing America can do to defend itself
Well that's ridiculous. Just install McAfee. Disconnect yourself from the network. ;-)
Seriously, computer security is a big business. Money is being made. Something is being secured out there.
Edit: Please read the other comments and calm yourself down.
I've had multiple math professors tell me to study as much math as I can while I'm young, because once you're over 30 it's a lot harder to learn math. I'm in my 20's so I'm not sure if this is true.
It also seems to me that the math you would learn in an O'Reilly book isn't in depth enough to contribute to research.
Im in my 40s and still learning plenty of math. I think it's more a function of focused practice than age. I've also seen several profs doing good work well into their 80's so I dont know what your profs are talking about!
I think a lot of "it's much harder to learn X when you're older" (languages for example) is more about not caring as much or not having as much time than it is about having less ability to learn given those things. At least I hope so, since I'm rapidly approaching 30 and there are vast and deep realms of knowledge I'd like to explore but am just getting started now. =)
The Blackberry does have some advantages over other consumer smart phones. RIM's built a lot of infrastructure for dealing with corporate clients and security. It's probably going to be a long time before the president of the United States switches from a Blackberry.
It's a matter of differentiating between a) what we recognize as the real earnings potential (which some see as fairly limited), and b) what John Q. Sharebuyer and Joe C. Fundmanager will probably do (buy buy buy, it's the interwebs!). The reality of 'b' means that shorting is not wise.
Yeah, I know. I'm horrible with names, I named a product BitKeeper and the company BitMover and people ask when the next version of BitMover is going to be released.
We're looking for a fantastic jack-of-all-trades marketing person, can you tell? We frigging need it, if I'm the best we've got we're screwed :)
