[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Call for input to President's Commission on Enhancing Cybersecurity
On Tue, 19 Jul 2016 22:13:00 -0400
Steve Kinney <email@example.com> wrote:
> Bridging the trust gap between the IT community and the US government
> is already a done deal, because there has never been one. The U.S.
> government funded and directed the creation of the IT industry.
^^^ quoted for truth
> The U.S. government has not alienated the IT community: It has
> shielded this community from liability for fraudulent performance
> claims, fed it billions of dollars of annual revenue, and given
> Fortune 500 IT corporations nearly full control of government policy
> affecting those same corporations.
so called patents and copyrights, i.e. government privileges,
play a fundamental role too.
> Mandate security evaluations based on performance and design metrics
> for all software (and firmware) purchased for use by government
> agencies and departments.
You do get a good amount of statist pig points for that one.
Actually, the government must stop buying stuff and must start
giving back all the money they stole.
> Mandate reporting of security incidents by every government activity,
> and every commercial enterprise with a State or Federal tax ID,
So yeah, statist bullshit.
> Direct the Federal Communication Commission to conduct and annually
> review studies on the privacy impacts,
And even more statist bullshit.
And of course I now have to ask. First you correctly explain
the relationship between the 'industry' and the state and then
expect the state to regulate it? What?
> See above. A durable commitment of all necessary resources to assure
> that the measures suggested in response to query 2 are effectively
> implemented would create and sustain rational, constrained trust
> relationships affecting all those aspects of "cybersecurity" which are
> properly the government's business.
So yeah, statist pig.
> A practicable proposal would be one that is within the scope of public
> policy authorities and industry capabilities: Vendors who assert that
> requirements are "impossible" or simply refuse to comply will be
> replaced by vendors who are ready to step forward and meet any
> challenges presented. Solutions to many of today's most serious and
> widespread network security failures are already avaialbe as off the
> shelf products from vendors with excellent security track records.