Archive for March, 2009

Cybersecurity Act of 2009

The proposed content of this bill makes for a variety of interesting discussions:

http://cdt.org/security/CYBERSEC4.pdf

http://thomas.loc.gov/ (search for S.773)

…not least of which is a proposal to license all cybersecurity professionals within 3 years. Else, you can’t do business with the government. (See “Section 7” starting on page 21 of the PDF.)

“Beginning 3 years after the date of enactment of this Act, it shall be unlawful for any individual to engage in business in the United States, or to be employed in the United States, as a provider of cybersecurity services to any Federal agency or an information system or network designated by the President, or the President’s designee, as a critical infrastructure information system or network, who is not licensed and certified under the program.”

It was pointed out to me that an existing DOD regulation pretty much already requires these conditions, albeit limited to DOD employees and contractors rather than all persons seeking to do business with any part of the US Government:

http://www.giac.org/8570/


Smart, Secure Energy Grid

Smart Energy Grids will save us, the planet, and possibly the universe. We should rest assured that the industry, with the help of smart academics, knows what it is doing:

http://us.cnn.com/2009/TECH/03/20/smartgrid.vulnerability/index.html

Also, industry representatives said, they have no intention of putting an unsafe grid online.

"We are not going to manufacture this car without a seat belt," said Ed Legge, a spokesman for the Edison Electric Institute.

That sounds comforting. But seatbelts don’t do much against side-impact crashes, or alien laser rays, now do they?

[The original email spurred a piece of funny commentary by Sergey about "security by analogy" -Ed.]


Fresh tools, new approaches

Welcome to the blog at freshdefense.net!

We set up this site to have a way to share the information security tools we’ve been building over the past few years. A large subset of us do research on a variety of information security topics, from PKI to intrusion detection to operating systems security. Making the products of this bleeding-edge research available (particularly those created without funding support) for use by the wider public is sometimes challenging. This site is meant to serve as such an outlet for us. We also intend to post articles, opinions, and other missives on information security and privacy topics as time permits.
