Call for input to President's Commission on Enhancing Cybersecurity
juan
juan.g71 at gmail.com
Tue Jul 19 20:46:32 PDT 2016
On Tue, 19 Jul 2016 22:13:00 -0400
Steve Kinney <admin at pilobilus.net> wrote:
> Bridging the trust gap between the IT community and the US government
> is already a done deal, because there has never been one. The U.S.
> government funded and directed the creation of the IT industry.
^^^ quoted for truth
> The U.S. government has not alienated the IT community: It has
> shielded this community from liability for fraudulent performance
> claims, fed it billions of dollars of annual revenue, and given
> Fortune 500 IT corporations nearly full control of government policy
> affecting those same corporations.
so called patents and copyrights, i.e. government privileges,
play a fundamental role too.
> Mandate security evaluations based on performance and design metrics
> for all software (and firmware) purchased for use by government
> agencies and departments.
You do get a good amount of statist pig points for that one.
Actually, the government must stop buying stuff and must start
giving back all the money they stole.
>
> Mandate reporting of security incidents by every government activity,
> and every commercial enterprise with a State or Federal tax ID,
So yeah, statist bullshit.
> Direct the Federal Communication Commission to conduct and annually
> review studies on the privacy impacts,
And even more statist bullshit.
And of course I now have to ask. First you correctly explain
the relationship between the 'industry' and the state and then
expect the state to regulate it? What?
> See above. A durable commitment of all necessary resources to assure
> that the measures suggested in response to query 2 are effectively
> implemented would create and sustain rational, constrained trust
> relationships affecting all those aspects of "cybersecurity" which are
> properly the government's business.
So yeah, statist pig.
>
> A practicable proposal would be one that is within the scope of public
> policy authorities and industry capabilities: Vendors who assert that
> requirements are "impossible" or simply refuse to comply will be
> replaced by vendors who are ready to step forward and meet any
> challenges presented. Solutions to many of today's most serious and
> widespread network security failures are already avaialbe as off the
> shelf products from vendors with excellent security track records.
such as?
More information about the cypherpunks
mailing list