11 of 13Image
DEF CON won
For years, the annual DEF CON shindig in Las Vegas hosted two very similar, yet very different types of people: spies and geeks. The idea of DEF CON is to show the latest hacks, cracks, and methods of overcoming and defeating security of all kinds, and then discuss how to better protect us all from those hacks.
And, for years, the suits from the various federal agencies concerned with information security partied quite well with the geeks from the various Internet companies, universities, and parents' basements all over America.
But not this year. This year, the geeks put their feet down and banned the feds. There were to be no spies, no suits, no shadowy government types at this years DEF CON. After all, with all the noise about the NSA spying, and all the one-upsmanship spying that goes on at DEF CON just for fun, the Snowden revelations clearly put the government spies on one side of the game and the geeks on the other.
They could not be seen together anymore.
While this was disappointing for the geeks who wanted government money or government jobs, it was devastating to the suits who looked forward to DEF CON for the opportunity to let down their hair, take off their ties, and hack like it's 1999.
As former and occasional suits ourselves, we feel bad for the ban. So, as our gift to you, we give you permission to listen in to the planning conferences for next year's DEF CON, and our recommendation that you swipe the plans for the identification cards that will let you into the event. After all, if you can hack the event, you deserve to get in, don't you think?
Day 10: A Fiverr for Department of State
Wow, this has just not been the best year for America's top diplomatic institution, the United States Department of State. First, there was the whole "blame-it-on-YouTube" incident in Benghazi a year or so ago. And then, apparently, there's just not enough love (or at least "Like") in the Department of State (which abbreviates, disturbingly, as DoS, which we all know as Denial of Service). Hmmm...
In any case, some very lonely officials at Foggy Bottom decided that they wanted to froth up their reputation, and decided to go about spending $630 thousand on acquiring Facebook "Likes". Yep, almost a million bucks to raise their likability on Facebook. Using our tax dollars.
After this, State's own inspector general put together a 57-page report on how much money was wasted on getting Facebook "Likes," because writing a 57-page report at government speed was an excellent way to throw good money after bad.
So, to both the State Department itself as well as State's Inspector General -- and, hey, let's be generous and include Hillary and John Kerry as well -- we gift a free registration to Fiverr.com. You can get almost anything from Fiverr for five bucks.
You want a pile of useless Facebook Likes? Rather than spending nearly a million bucks, pull out a Lincoln and you got it. Want a 57-page report on something? Another five bucks. We estimate that with this gift, we can save State millions of dollars.
Not spending our money? Hmmm... I wonder if people will "Like" that?
Day 11: Cybersecurity policy with the wisdom of Franklin, Jefferson and Adams
What a difference a year makes. We opened up this year with a big (and very necessary) push to increase America's cybersecurity defenses (and, less publicly, it's offensive capabilities as well). We ended the year with the government on the defensive about its own data gathering practices, with barely a mention made anywhere about the ongoing, terrible threat of cyberattack.
It's hard to find a gift for the gift that keeps on giving, and that's what cyberwar is. Whether it's for espionage, money, or damage, cyberattacks and penetration attempts are constant, both against government and civilian targets.
Worse, it's not just the big players fighting with each other. Cyberattackers are aiming their digital arrows at moms and dads, grandparents, teachers, students, and even little kids. They're trying to break into and steal information, credentials, and identities of anyone they can -- and they're succeeding.
While we already have laws on the books for cyberdefense, we don't have good comprehensive laws. As is always the case in a union, the various agencies and operations don't play all that well with each other. Yeah, I know. It's a surprise to me, too.
Our gift to the United States government would be all the funding needed to fight cyberattacks, but only if it employs the wisdom of a Washington or a Jefferson or a Franklin while doing so. We encourage the government to work with the likes of Larry Lessig, the EFF, and other outspoken proponents of both digital rights and digital safety.
If our public servants can put Americans' interests first (and that means not taking any more calls, lunches, or favors from lobbyists), then comprehensive cybersecurity operations are possible.