Policy-makers
if policy-makers are only informed by the catchphrase and not the definition, they will make bad policy.
I suspect policy-makers don't feel any need for a definition.
While “cyber* operations” are becoming an increasing focus of both government and private research, legal frameworks are failing to keep pace, the US Army Cyber Command operational attorney Robert Clark has told the AusCERT security conference in Queensland. As noted earlier by F-Secure’s Mikko Hypponen in his keynote address …
What the fuck does a fucking lawyer have to do with the army's computer security? Oh ... Never mind. He used the term "cyber" in supposedly serious commentary. He's a fucking idiot and can be summarily ignored.
"including deciding that “our cyber-security must be based on law or the [US] Constitution,” Clark said"
So he's pro revoking the obviously unconstitutional "patriot" act, then?
"Clark agrees, but said he can’t avoid using it, given his job description."
So he's only in it for the bucks, then? Isn't actually interested in making a difference? Typical cowardly political appointee slime-ball ...
So by using potty-mouth talk to reinforce your point, and of course because of your own credentials in this field, I should ignore this person?
Why not say 'i think he's an f-in' idiot', etc. ? Then, back it up with sources that he is indeed.
Then i'll be possibly more inclined to agree with you.
Not that i'm saying that he is or isn't an authority in his field. Dunno, haven't read up on this guy. Just your language rubbed me the wrong way.
In general, lately most of the remarks posted here and on other articles are going nowhere beyond 'the Reg must be in cahoots with <supplier of gear>' and 'this guy must be in it for the money', etc.
Do try a bit harder to come up with something worthy of discussion, please?
Now, get off my lawn!
*grumpy*
No point telling us what StuxNet WASN't... setting aside the rights and wrongs of the need for the effort completely - if a deliberate, well planned, well funded, brilliantly coordinated, multi-front assault by one or more sovereign nations against extremely well protected, national security assets of another soveriegn nation does not qualify as a 'cyber-attack' just what the f$%k DOES?
Pray Tell elReg... because this article sure as hell doesn't (paint me extremely dissappointed - the reporting standards are slipping again)
I think he's working with the 'single campaign does not a war make' philosophy. I've seen other real generals post similar thoughts. They may have concerns about how cyber operations affects an actual attack, but unless the cyber attack itself generates actual human casualties, it isn't an attack. They tend not to attempt to address the "if patients at a hospital die as a result of a coordinated/state planned malware attack, does they constitute casualties" question.
I'm wishy-washy on this point. I see and understand what they are saying, and agree to some extent, but also think the concept of a cyber attack is a useful one in other contexts. It may be a bit like the old justice's definition of porn, we might not be able to define it, but we'll know what it looks like after the first one happens. Until then, they are pre-cursors and not real cyber attacks.
Quite so, Beer_M0nster, but it must not be forgotten and always remembered that nations actually do nothing at all, and it is just individuals acting as if national/international/internetional authorities, which stick you with rules and regulations which ring the system in their favour ....... ergo is it a much more personalised intelligence head game in a field which IT makes real but which cannot be defended or employed by fools and fools' tools against significantly more intelligent virtual forces who would immediately recognise the desperation of cyber attacks against vapourware foes just to project in order to try and protect an untenable, intellectually bankrupt and artificially manufactured/media pimped and pumped lead position as one battles in vain against anonymous and invisible and therefore untouchable, ever increasingly superior odds stacked in pipelines and metadatabase centres/content management systems for the free share and use of smarter beings.
And the beautiful, remarkable stealth which allows everything to be placed into effective shadow control position, is that you cannot believe how stupid is Man and how much smarter are others who would share what you would need to be knowing to prevent Colony Collapse and Ignorant Mayhem
...... http://www.ur2die4.com/?p=2225
"ergo is it a much more personalised intelligence head game in a field which IT makes real but which cannot be defended or employed by fools and fools' tools against significantly more intelligent virtual forces who would immediately recognise the desperation of cyber attacks against vapourware foes just to project in order to try and protect an untenable, intellectually bankrupt and artificially manufactured/media pimped and pumped lead position as one battles in vain against anonymous and invisible and therefore untouchable, ever increasingly superior odds stacked in pipelines and metadatabase centres/content management systems for the free share and use of smarter beings."
Probably the longest "sentence" I've ever read; ever!
Quite so, Beer_M0nster, and from the phrase, "more precise definitions needed to invoke laws of armed conflicts", I take it Clarke wants to make it clear that "we" (US + allies) can do this to "them", but "they" are definitely not allowed to shoot back.
But, no worries, it seems Richard Clarke is outranked by Mikko Hyppönen now, I mean, with a job title like Dick's, and he only gets a stream speaker slot?
@DanDanDan... you READ amanfromMars 1's posts? Wow!
"cyber"- prefix, appended to words by people in positions of power in order to attempt to raise the fear or threat of danger in others equally lacking in understanding of the situation at hand.
Examples include, "cyber-terrorist", "cyber-activist", "cyber-war" and "cyber-threat".
But there it is.
Funny thing is, in my teens I'd get saddened by the thought that we'd never get the Internet to be called "cyberspace" – but now that IT and security pundits can't stop their traps from blurting "cyber" every other second, I can't stand hearing it being called that. Guess we should really be careful with what we wish for...
Until someone dies because of a so-called 'cyber-attack,' this isn't cyber-war. That's my definition.
1. Don't connect important stuff to the internet
2. Stuff that is connected to the internet, make sure you have a non-connected backup system (you know, like there used to be before the internet was invented)
3. That's it.
OK, so when there's an "attack" things happen a bit slower and more inconveniently but it's not going to hurt anyone.
And who cares if FaceTwitterTube+ goes offline. Oh, wait, the sheeple will have to face "real life" TM.
How about... A human? It was not that uncommon to have humans check 'important things'.
I do understand - as a business you want to save money, so you find ways of keeping the company afloat while cutting the work force.
Then, you introduce these 'computers' as a replacement. But, if it's so critical to your business, why have it exposed in such a way that any script-kiddie could access that 'critical' device? Or do companies simply not think about the ramifications of having this accessible for people that are trying to do 'bad things'?
If that's the case, these decision-makers should be fired, and the companies supplying these insecure technologies should be pushed out of business.
Why would a local water reclamation company be making their filtration pumps accessible for the outside world?
The mind boggles.
On the other hand - a novel way of creating a whole new line of business, don't you think?