[quote=phaster]
sadly if it were to happen, sara mentioned the US political establishment would be clueless[/quote]
Some of your statements on this post, I would agree with.. others not. However this one I would have to strongly agree with.
The US has a very skilled cyber warfare unit. However they way we deal with it at a political and civil level makes us look like bumbling fools.
Why do we allow companies to put out SW so riddled with holes that it is a joke in terms of security, yet beat up hackers who discover some of these holes. Companies profit by putting out crap because you have to pay for maintenance to fix the holes, and they have lower NRE costs by applying the mantra of “Ship it, fix it in the field”.
On a non-damaging hack into a company, we beat up the hacker – even if it was a white hack proving the company’s IT was asleep at the wheel. What about the company who’s poor maintenance allowed it to be a springboard for hacks into other companies?
Why do we give such a pass to China for the amount of wide hacking sweeps that China does? Russia is bad, but China is out of control. China likes to use ‘altered’ PDF files sent as billing info, docs etc to try to break in to a company through Adobe Reader.
We tacitly (not explicitly) ban hacking classes at the Universities – not ‘politically correct’. What is presented is ‘ethical’ hacking – which is really watered down and almost useless. Even the Philippine Universities have ‘practical’ hacking classes. How can you know how to write clean tight code if you don’t know how people break it?
— I could rant on about this… should stop – time for my noon beer!
