Current Topic: Computer Security

Open Letter to RSA Customers
Topic: Computer Security
6:49 am EDT, Mar 21, 2011
Art Coviello: Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT).
It's troubling that the integrity of deployed SecurID systems is in any way dependent on information stored on the RSA intranet.
From the archive, a US analyst: He would rather not have uniformed guys looking over his shoulder, but there is no way anyone of his skill level can get away from that kind of thing.
On John McCain: In all his speeches, John McCain urges Americans to make sacrifices for a country that is both "an idea and a cause". He is not asking them to suffer anything he would not suffer himself. But many voters would rather not suffer at all.
BBC: The dessert, called Baby Gaga, is churned with donations from London mother Victoria Hiley, and served with a rusk and an optional shot of Calpol or Bonjela. Mrs Hiley, 35, said if adults realised how tasty breast milk was more new mothers would be encouraged to breastfeed.

The National Strategy for Trusted Identities in Cyberspace
Topic: Computer Security
9:46 am EDT, Jun 26, 2010
Howard Schmidt: Today, I am pleased to announce the latest step in moving our Nation forward in securing our cyberspace with the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC). This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates. What has emerged is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities. No longer should individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to login into various online services. We seek to enable a future where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) from a variety of service providers -- both public and private -- to authenticate themselves online ...
From the Loose Tweets Sink Fleets Department: What in the world is going on? Oh, it's a hacker causing all of this chaos. A hacker has gotten into the U.S. Federal payroll system and electronically issued paychecks ... to himself! totaling billions of dollars!
Paul Ferguson: We are all responsible. And we are all failing.
Andrew Keen: In the future, I think there will be pockets of outrageously irresponsible, anonymous people ... but for the most part, we will have cleansed ourselves of the anonymous.
Bruce Schneier: Will not wearing a life recorder be used as evidence that someone is up to no good?
New Scientist: The US Department of Homeland Security is developing a system designed to detect "hostile thoughts" in people walking through border posts, airports and public places ...
Decius: Unless there is some detail that I'm missing, this sounds positively Orwellian.
Eric Schmidt: If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.

Information Assurance Awareness
Topic: Computer Security
7:51 pm EDT, Aug 27, 2009
From the Loose Tweets Sink Fleets Department: Something very strange is underway. I went to get cash out of an ATM this morning, and the ATM had no cash. So, I went to another ATM, and it too had no cash. Strange, right? What in the world is going on? Oh, it's a hacker causing all of this chaos. A hacker has gotten into the U.S. Federal payroll system and electronically issued paychecks ... to himself! totaling billions of dollars! How did a hacker get into our network? Did you lose a laptop or PDA? Or maybe you gave out DoD systems information to a salesman?
From the archive, The Horror, The Horror: Owner: Take this object, but beware it carries a terrible curse! Homer: [worried] Ooooh, that's bad. Owner: But it comes with a free Frogurt! Homer: [relieved] That's good. Owner: The Frogurt is also cursed. Homer: [worried] That's bad. Owner: But you get your choice of topping! Homer: [relieved] That's good. Owner: The toppings contain Potassium Benzoate. Homer: [stares] Owner: That's bad.

Topic: Computer Security
7:46 am EDT, May 27, 2009
James L. Jones: "There is no right-hand, left-hand anymore."
Ellen Nakashima: President Obama is expected to announce late this week that he will create a "cyber czar."
Anonymous White House official: "It's trying to steer us in the right direction."
From the Oxford American Dictionary: cybernetics. Origin: 1940s, from Greek kybernētēs, "steersman", from kubernan, "to steer"
Why look when you can leap? We are a cyber nation. The NITRD Program Senior Steering Group (SSG) for cybersecurity R&D invites you to participate in the National Cyber Leap Year.
Bruce Sterling: Follow your bliss into the abyss. That's my new bumper sticker. This is the abyss. You guys are the denizens of the abyss. I strap on my diver helmet and go into the internet as far as you can go.
Albert-László Barabási: We modeled the mobility of mobile phone users in order to study the fundamental spreading patterns that characterize a mobile virus outbreak. Once a mobile operating system’s market share reaches the phase transition point, viruses will pose a serious threat to mobile communications.
Speaking of serious threats: At least one Russian official has said that a cyber-attack on Russia’s critical transportation or power infrastructure would warrant a nuclear response.
General "Buck" Turgidson: Mr. President, we are rapidly approaching a moment of truth both for ourselves as human beings and for the life of our nation. Now, truth is not always a pleasant thing. But it is necessary now to make a choice ...

Topic: Computer Security
7:25 am EDT, May 11, 2009
Normal trojans are a known threat, and we know how to mitigate them. But what about virtual machine trojans?
vimtruder

Electricity Grid in US Penetrated By Spies
Topic: Computer Security
8:43 am EDT, Apr 8, 2009
Cyber is the new Pakistan. Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more. Last week, Senate Democrats introduced a proposal that would require all critical infrastructure companies to meet new cybersecurity standards and grant the president emergency powers over control of the grid systems and other infrastructure.
From the NERC letter: "Identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the Bulk Electric System" necessitates a comprehensive review of these considerations. The data submitted to us through the survey suggests entities may not have taken such a comprehensive approach in all cases, and instead relied on an "add in" approach, starting with an assumption that no assets are critical. A "rule out" approach (assuming every asset is a CA until demonstrated otherwise) may be better suited to this identification process.

The Pollution Of The Information Age
Topic: Computer Security
7:44 am EDT, Mar 18, 2009
Bruce Schneier: Data is the pollution of the information age. This is wholesale surveillance; not "follow that car," but "follow every car." More is coming. Will not wearing a life recorder be used as evidence that someone is up to no good?
Noam Cohen's friend: Privacy is serious. It is serious the moment the data gets collected, not the moment it is released.
From last year's best-of: So many things these days are made to look at later. Why not just have the experience and remember it?
Thomas Powers: Is more what we really need?
Stewart Brand: In some cultures you're supposed to be responsible out to the seventh generation -- that's about 200 years. But it goes right against self-interest.

Cyber Security: Blurred Vision
Topic: Computer Security
7:44 am EDT, Mar 18, 2009
Paul Ferguson: This entire discussion of "Who will be responsible for US Cyber Security?" is the wrong discussion altogether. We are all responsible. And we are all failing.
Greg Conti: The revolution in cyberwarfare ... necessitates the formation of a cyberwarfare branch of the military, on equal footing with the Army, Navy, and Air Force. We do not make this recommendation lightly.
Also: We're all losers now. There's no pleasure to it.
From last December: "You have to laugh to keep from crying these days," she said as she wiped away tears. In the long run we are all dead.

Do We Need a New Internet?
Topic: Computer Security
4:51 pm EST, Feb 15, 2009
John Markoff: There is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over. What a new Internet might look like is still widely debated, but one alternative would, in effect, create a "gated community" where users would give up their anonymity and certain freedoms in return for safety. Scientists armed with federal research dollars, working in collaboration with the industry, are trying to figure out the best way to start over.
In other news, cypherpunk futures rose sharply in after-hours trading.
Your Call Is Important to Us. At a meeting of the Lebanese parliamentary communications committee, MP Marwan Hamada and internal security chief Ashraf Rifi said that Syrian intelligence was wiretapping everyone in Lebanon.
Can you hear me now? NSA is said to be offering "billions" to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.
Oh, Canada! An Ontario Superior Court ruling could open the door to police routinely using Internet Protocol addresses to find out the names of people online, without any need for a search warrant. "A lot more people would be apprehensive if they knew their name was being left everywhere they went."
Fear not: We're going to be okay, aren't we Papa? Yes. We are. And nothing bad is going to happen to us. That's right. Because we're carrying the fire. Yes. Because we're carrying the fire.
They are carrying the fire through a world destroyed by fire, and therefore -- a leap of logic or faith that by the time the novel opens has become almost insurmountable for both of them -- the boy must struggle on, so that he can be present at, or somehow contribute to, the eventual rebirth of the world.

40% of hard drives bought on eBay hold personal, corporate data
Topic: Computer Security
8:04 am EST, Feb 12, 2009
A New York computer forensics firm found that 40% of the hard disk drives it recently purchased in bulk orders on eBay contained personal, private and sensitive information.
Recently, Decius wrote: One must assume that all garbage is monitored by the state. Anything less would be a pre-911 mentality.