May 04, 2007

Geer heads to Washington, Again

Dan Geer's testimony [mirror] from an April 23th hearing with the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology
 is worth reading - especially if you want to understand how our security priories should stack up.

Dan recommends our government take steps to:

• We need a system of security metrics, and it is a research grade problem.

• The demand for security expertise outstrips the supply, and it is a training problem and a recruitment problem.

• What you cannot see is more important than what you can, and so the Congress must never mistake the absence of evidence for the evidence of absence, especially when it comes to information security.

• Information sharing that matters does not and will not happen without research into technical guarantees of non-traceability.

• Accountability is the idea whose time has come, but it has a terrible beauty.

Posted by Abner on May 4, 2007 10:19 AM


Recent Entries
iPhone's SIM Locks: Hardware vs. Software vs. Lawyers
Even (or especially) contests could use a security review
Vendors Responses: Voting Machines and the Pwnie Awards
Dude "Security Rocks"
iPhone Wi-Fi Vulnerability
Harry Potter Security
iPhone Hacking & Fustrations
Let the iPhone Hacking Begin
Geer heads to Washington, Again
This Just In: DRM still doesn't work
L0pht
Phishing meets Internet Advertising
How long to unlock the iPhone Operating System?
Predictive Markets For Politics
The Irony of Phone Security Google Ads
Why Biometric Fingerprint Readers Are A Waste
How to Blag an Interview
Yet another Boston marketing flub
MAC vs. Vista Security
The latest in physical security
Data Loss Archive
Guerrilla Marketing Backfires in Boston
Hackistan
NY Times on the "Market" For Software Vulnerabilities
Not marketing security, marketing *during* security