Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re: In an Era of Russian Hacks, the US Is Still Installing Russian Software on Government Systems

From: "Dave Farber" <dave () farber net>
Date: Thu, 15 Jun 2017 19:42:28 +0000
---------- Forwarded message ---------
From: Dewayne Hendricks <dewayne () warpspeed com>
Date: Thu, Jun 15, 2017 at 2:41 PM
Subject: [Dewayne-Net] Re: In an Era of Russian Hacks, the US Is Still
Installing Russian Software on Government Systems
To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com>


[Note:  This comment comes from friend David Reed.  DLH]

From: dpreed () reed com
Subject: RE: In an Era of Russian Hacks, the US Is Still Installing Russian
Software on Government Systems
Date: June 15, 2017 at 1:47:37 PM EDT
To: dewayne () warpspeed com

The idea that software is "Russian" and that "Russian" means "enemy" in
some unilateral way is an instance of terribly bad thought processes.

As another example, nearly every piece of high tech gear sold by so-called
"American" companies is largely designed and manufactured in the People's
Republic of China (or in Taiwan, which is hardly insulated from mainland
Chinese infiltration and control).

"American" companies, like "IBM" and "Hewlett Packard" are not in any sense
American. Their workforces and supply chain are international.

This tendency to Nationalism may have made sense around the 1940's when
countries were self-sufficient. It makes no sense today.

(Of course, the ignorant leadership of the US and UK play into this
absurdist conception of Nationalism to rally supporters for "America First"
thought patterns).

Is this merely amusing? No. When you try to write laws or to protect your
*citizens*, making such egregious mistakes as assigning "risk" to absurd
nationality-of-origin claims is massively counterproductive.

Is Huawei or Foxconn or TSMC or all the other suppliers of hardware,
software, microcode, design services, ... a tool of national interest?

The answer is, yes for sure. But *what* national interests? And what
*other* interests?

Can we be safe by creating some new kind of economic entity that builds
technology in some kind of "clean room" where people who *never interact in
any way outside of that clean room* do literally everything?

Of course not.

So let's be practical. Tracing of commercial sourcing and supply chains are
the *wrong* place to build in safety and security.

Loyalty oaths and citizenship tests are the worst possible approach, and
using them for political rabblerousing is ignorant and stupid.

There are lots of better ways to engineer safety and security into systems
composed of imperfectly reliable and imperfectly securable parts. We know
how to do that.

But fear-mongering is not constructive, especially based on bizarre logic
that ties nationalism to the wrong pieces of the process.


In an Era of Russian Hacks, the US Is Still Installing Russian Software

on Government Systems

By JOSEPH MARKS
Jun 14 2017


http://m.nextgov.com/cybersecurity/2017/06/era-russian-hacks-us-still-installing-russian-software-government-systems/138683/




Dewayne-Net RSS Feed: <http://dewaynenet.wordpress.com/feed/>



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170615154246:CCA1946A-5202-11E7-8F23-8D908ABD25DB
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: