Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security The Military United States Politics IT

Chertoff Advocates Cyber Cold War 115

Jack Spine writes "The US and allied countries should formulate a doctrine to apply the principles of nuclear deterrence to cyber attacks and cyber espionage, according to former US Homeland Security secretary Michael Chertoff. No matter that it's very difficult to attribute the source of cyber attacks — just take punitive action against the platform being used to attack, says Chertoff."
This discussion has been archived. No new comments can be posted.

Chertoff Advocates Cyber Cold War

Comments Filter:
  • Then maybe they'll start using nuclear silo systems to attack other of our interests. Two birds with one stone eh?
    • by c0mpliant ( 1516433 ) on Thursday October 14, 2010 @06:38PM (#33901754)
      Its such a great idea. The first cold war was so successful, lets have another...
      • Re: (Score:1, Interesting)

        by Anonymous Coward

        It was, for the US. It was the US outspending the USSR in military buildup that led to their destabilization and collapse. Mission accomplished. Sad thing is that is what the current world situation is doing to the US now.

        • Re: (Score:3, Insightful)

          by TheCarp ( 96830 )

          The other sad thing is that we still haven't paid for it.

          There is no way it was successfull for the US, it was a stupid and unnecessary pissing match from day one. An embarassment for the country. I am still against having a standing army. We have no need to have forces outside of our borders. Its a shameful waste.


          • Re: (Score:2, Interesting)

            by Anonymous Coward

            The worst part about a standing army is that it creates two functional classes of citizens that do not share the same fundamental need.

            Those that have signed their right of refusal over to the government should not be permitted to vote or participate in political events or debates until the right of self-determination is legally returned to them.

            During their period of service they must be treated as exactly what they signed up to be - fleshbots for whoever comes to power during their tour.

          • "Pissing match" is the least of it. Go watch the documentary "Trinity and Beyond: the atomic bomb movie". It was a bunch of power mad and power drunk farktards gambling with our lives and, arguably, the entire planet.
          • by Zeek40 ( 1017978 )
            We were paying for it just fine until Reagan came along and convinced the voting populace that taxation is theft and that defect spending is the wave of the future. Reagan's tax cuts (which have hung around much longer than the Red threat) are what sent this country spiraling into debt we haven't recovered from, not the cold war.
            • by TheCarp ( 96830 )

              Actually, taxes kind of are theft. I have little problem with this as long as they are not used for things that I find absolutely abhorrent... like military buildups, massive surveillance, and wars.

              • by Zeek40 ( 1017978 )
                If taxes are a kind of theft from an individual, then driving on a public road, using a public library, riding on a commercial airline, and calling the police are all kinds of theft from the government or community.
                • by TheCarp ( 96830 )

                  I don't see how that logically follows. You make the assumption that the only way to pay for these things is through taxes.

                  When is the last time the government tried a telethon? Seems to me they just like to tell people "You pay us, for whatever the hell we want to do, whether you like it or not".

                  I am all for roads, libraries,.... um I don't see where commercial airlines come into this since the government really has little place there except where they have forced themselves in...

                  I would gladly pay for the

                  • by Zeek40 ( 1017978 )
                    Good luck with that telethon, I don't think you'll be getting any money.

                    Commercial airlines come in because the government hugely subsidizes the commercial airline industry in the US, running everything from air traffic control to airport security at little to no cost to the airlines involved because having cheap, functional air transportation in this country is in the best interest of US businesses.

                    Your opposion to 'all of it' until everything is run the way you want is incredibly childish and is the

                    • by TheCarp ( 96830 )

                      Well thats how I feel about a war on the citizenry. Honestly, I don't consider this my country so much as the country I was born inside of, and which is run by an entirely different economic class. I openly state my preference for breaking up the union, and see little real benefit to the common people in keeping it together any longer. Its pretty outdated and no longer needed.

        • That is until you realize that the total economic collapse we are currently in the first stages of was started at the end of that war. Oh, and the fact that we "won" the war by simply becoming just like them. Hell, these days the DHS and the NSA could teach the NKVD a few things about the finer points of establishing a police state.
      • by c0lo ( 1497653 )

        Its such a great idea. The first cold war was so successful, lets have another...

        Not only that, but now there are some other specific differences to make this a piss-poor idea:

        • the other party can spend much less in provoking a disproportionate response - it is so cheap that even private initiatve can manifest (i.e. doesn't take that much to be a Dr No... Mhwa-ha-ha)
        • the response in itself may have impact on the responding party - network congestion, etc.. It's not like you send in a missile in open skies, you'd be using the same tubes to respond
  • by Bill Dimm ( 463823 ) on Thursday October 14, 2010 @06:11PM (#33901384) Homepage

    ...nation states should be able to act against technologies in countries being used as a platform for attack...

    So, nuke Redmond?

    • by HungryHobo ( 1314109 ) on Thursday October 14, 2010 @09:18PM (#33903408)

      Nah, someone will just root some of the US militarise own shitty, poorly patched windows NT boxes and use them as a platform for attack.

      The US military will then MAD it's own network into the ground to show them who's boss.

      Or even better.

      If I want to take down some website, I don't have to do the hard work any more.
      Just find any insecure app or server in the same server farm and use it to launch some trivial attack against the US government.
      The US government then does my attack for me, DDoSing or blackholeing the entire datacentre and my target.

      I've heard enough silly ideas over the years for systems of actively attacking machines which attack a network, sometimes in an automated fashion.
      Most automated ones are trivially subverted to use against third parties and the non-automated ones depend on the people in charge being able to find their arse with both hands... unfortunately it's the military.

      • by mrogers ( 85392 )

        If I want to take down some government, I don't have to do the hard work any more.
        Just find any insecure organisation in the same country and use it to launch some trivial attack against the US government.
        The US government then does my attack for me, bombing the entire country and my target.

        You have a bright future at the CIA. ;-)

    • ...nation states should be able to act against technologies in countries being used as a platform for attack...

      So, nuke Redmond?

      Don't let them escape beforehand, either.

  • by drinkypoo ( 153816 ) <martin.espinoza@gmail.com> on Thursday October 14, 2010 @06:14PM (#33901440) Homepage Journal

    So long as they don't respond to a DDoS with one of their own, but with a targeted attack designed to silence the particular nodes in question, then it's probably a good thing. It's not like it's not possible to keep logs to see if these guys are operating outside their mandate.

    • I say that anyone who's system is being used for DDoS attacks can't complain about such treatment. They should have secured their systems.

      • There's no such thing as a completely secured system, and that's where the flaw in this plan lies. If the policy is to attack the last link, a third party can use you as an attack dog against anyone they want -- they might not even need to actually exploit the "target" if they can spoof the attack to make it look like the target is the last link.
    • Re: (Score:3, Interesting)

      The trouble is he's suggesting that they apply the MAD principle to this problem. That certainly doesn't sound like a simple kill the zombie node thing.
      • Re: (Score:3, Insightful)

        by postbigbang ( 761081 )

        You're right. An eye for an eye, a tooth for a tooth, and soon you need seeing-eye dogs and dentures.

        With two million botted machines in the US alone (a conservative estimate), you could piss off a lot of homies, too. I don't think Chartoff realizes just how many pawns there are, ready to march, and give him a bad day. That we don't consider those pawns as attackers-in-waiting is a fool's blindness.

  • False flags abound (Score:1, Insightful)

    by Anonymous Coward

    Soon even the smallest of countries can wield the destructive force of a superpower: Just make it look like your opponent attacked the USA and the USA will do your dirty work.

    • by Anonymous Coward on Thursday October 14, 2010 @06:31PM (#33901688)
      And that'd be different from the current situation... how?

      For once, this is a proposal from the security theater industry that isn't batshit insane. You DDOS us, we null-route the offending nodes, or we politely ask whoever supplies your country with connectivity to do it on our behalf. You DDOS an airline reservation system, stranding millions, and we null-route your country until its uncooperative ISPs learn to play nice. You DDOS an air traffic control system so hard that you actually start killing people, and we not only null-route the country until the dust settles, but we also reserve the right to shut down the offending data center with a LART, presumably in the form of an earth-penetrating mallet. (And we expect that you will do the same to us, if our roles are reversed.)

      The present situation is that we run around like chickens with our heads cut off, make vague fearmongering sounds about "what if", and apply for increased funding. That'll happen too, but at least this way there'll be some ground rules as to what sort of retaliation is permissible. Go ahead and spy on us (if we catch you, we'll block you). Try to poke at us (but don't do much damage) and we'll get annoyed. Break our toys, and we'll break your toys. Do collateral damage, and the gloves come off.

      • by DarkOx ( 621550 ) on Thursday October 14, 2010 @06:59PM (#33901972) Journal

        The problem is collateral damage. What is more likely the nation of Elbonia is attacking the United States by DOSing an airport reservation system? or a competing airline hired some crackers to harm the competition, and those crackers have rooted some machines at the national ISP of Elbonia, that they do it with?

        So we respond by routing the entire nation via, which is great in that it solves the problem but it probably denies all sorts of services to innocent people, and I am not talking about Mohamed's Netflix subscription, what about that X-Ray the surgeons there wanted a consult on, and the nations telephone system which is IP based at least for international calls. Oh and hey the assembly plant GM is trying to operate there, etc etc. All this is going to do is make small problems big ones.

        • Re: (Score:3, Interesting)

          by Grave ( 8234 )

          Perhaps. The operating theory here, I think, is that at some point, a government will stop doing such idiotic things as cyber warfare because the costs are too high. Just like the threat of economic sanctions.

          Part of the problem, however, is that for all the "control" we might have over the internet, it's a global network that by design can't just be turned off like that. Personally, I think that good old fashioned, "Oh, you shutdown our air traffic control system? Here, we'll shut down your airspace by

          • Part of the problem, however, is that for all the "control" we might have over the internet, it's a global network that by design can't just be turned off like that. Personally, I think that good old fashioned, "Oh, you shutdown our air traffic control system? Here, we'll shut down your airspace by destroying anything that gets more than five feet off the ground." is more effective. Excessive? You bet. That's the whole bloody point of MAD. Cyberwarfare cannot be part of a MAD policy unless you are prepared

          • The operating theory here, I think, is that at some point, a government will stop doing such idiotic things as cyber warfare because the costs are too high.

            Did I miss something? AFAIK the costs of nuclear MAD are in the "somewhat high" category, yet no-one has yet gone "you know what, we'll get rid of them all because it just isn't worth it - it'll all go wrong, no-one wins and it is an expense we just can't manage".

            If you meant the financial cost of daily ops and overheads, who said it even needed to be of

      • In other terms all I need to do to block all data traffic between the United States and any country I wish is to have a botnet in that country and have it DDOS a high-profile US site? Yeah, that sounds awesome.

        Unless of course all ISPs in that country will submit to whatever the American government says based on the promise that American ISPs will cater to every whim of every foreign government. Well, every whim that involves shutting down arbitrary network nodes.

        ...Why do I get the feeling that no sane
      • You sign on to ACTA or we'll say you DDOSed an airline reservation system and null-route your entire country until you do.

      • by c0lo ( 1497653 )

        And that'd be different from the current situation... how?

        For once, this is a proposal from the security theater industry that isn't batshit insane. You DDOS us, we null-route the offending nodes, or we politely ask whoever supplies your country with connectivity to do it on our behalf. ....

        Dr Julius No here: I'm about to set up a botnet. Once I'm done I'll send a command to all the zombies in US to DDoS and I'll shut down my command center. Good luck, America, in null-routing in your own network and/or sending LART-s on your own soil (crazy laugh).

      • by sempir ( 1916194 )
        So...do you think I should get all my porn watching done now while I can? I'm 70 years old so have to get my priorities right.
  • This is all incredibly stupid. First off, we should never have a "cyber cold war" because we shouldn't put our fucking important infrastructure on the internet! If it could harm human lives if it goes down and there isn't a non-networked backup that can be used at a millisecond's notice, it shouldn't be on the internet.

    If you've spent 2.3 billion to construct another power plant and you are too lazy to actually staff it, something tells me an extra $150,000 to run dedicated lines from it to your main of
    • If we can lay a direct telephone line between Washington DC and Moscow to prevent a nuclear war, something tells me we can afford to lay some cable 10 miles to prevent some "cyber cold war"

      The /. "air gap" theory is crap. I don't think you appreciate the complexity of the problem. Critical systems aren't just SCADA systems. What about financial transactions? Should we have a separate banker's internet that contains all redundant equipment? How about DoD unclassified? For that matter, what about systems that are secured, but utilize existing routers, lines, etc because it would cost millions to build an entirely separate transcontinental backbone just to keep the infrastructure separate

    • I seriously doubt that things like nuclear power stations are connected to the public internet.
  • by Speare ( 84249 ) on Thursday October 14, 2010 @06:20PM (#33901530) Homepage Journal

    Just take punitive action against the platform being used to attack, says Chertoff.

    Just like we took punitive action against Logan Airport and United Airlines for 9/11? Oh, right.

    When "our adversary" uses the likes of Google or Akamai or British Telecom against us in a cyberattack, we're going to return fire on those platforms?

    Hey, I'm putting a scheme together about the RIAA...

    • by DarkOx ( 621550 )

      Given the D- and F grades our government usually gets for security its more likely the platform used to attack will have a .gov or .mil extension; and hey the terrorists might figure gee if we look to rooting those boxes we might get some collateral damage from friendly fire.

      Seriously I thought this whole retaliatory stuff got dropped by the computer security professions years ago once they realized that to be effective the systems would mostly need to be automatic because whatever you do is time critical,

    • Well, we certainly considered taking action against the specific airliners being used by the attackers. If a certain IP is being used by an attacker, why not null-route it where possible, or DoS it where not possible? It sounds like an easier decision than shooting down a hijacked passenger plane.

      One would hope that there are some checks and balances in the process to reduce the chances of abuse by authorities, of course.

  • "Cyber" (Score:5, Insightful)

    by Dystopian Rebel ( 714995 ) * on Thursday October 14, 2010 @06:23PM (#33901578) Journal

    "Cyber" is the vague sort of word that Government Management uses in an attempt to sound technologically astute. As soon as you hear a phrase such as "cyber war", you know you are dealing with a management automaton paddling beyond its depth.

    It's interesting to note that this term is a back-formation made from "cybernetics":
    "From Greek kubernts, governor, from kubernn, to govern."

    Makes it sound as though this is another war that being invented by the government to spend the people's money to take the people's freedom away.

    • Of course it is. (Score:4, Insightful)

      by Anonymous Coward on Thursday October 14, 2010 @07:02PM (#33902010)

      Terrorism is only scary to people who shouldn't have been let past the third grade. Even irrational people understand their risk of death by terrorism is pretty much nil, compared to say their risk of horrible death involving decapitation and other hilarious ends while driving.

      "Cybersecurity", though?

      Computers are strange, wondrous magic boxes for the vast majority of the population. Even for the supposed tech whiz 'next generation'. Oh, sure, kids these days understand Twitter. They sure as hell don't understand TCP/IP. What better platform, then, to force Americans to do what we do best? Wet our pants in baseless fear and beg our government to strip us of our freedom.



      • Re: (Score:1, Insightful)

        by Anonymous Coward

        I've met perfectly well-educated people who think that the new rules for liquids on airliners are a great enhancement of their safety. There are lots of brilliant people who can't do arithmetic.

    • Pardon my humor:

      General "Buck" Turgidson: Mr. President, we must not allow a mineshaft gap!

      Replace "mineshaft" with "cyber". Violla! A new cold war with lots of funding! Such a deal!

    • by mrogers ( 85392 )
      "Cyber" has had an interesting history [slideshare.net] - from military research in 1948 (Norbert Weiner coined "cybernetics" while working on anti-aircraft guns), to 1980s science fiction, to 1990s business buzzword, to military strategy [slashdot.org] in 2010. Which raises the question, can military planners only understand their own technology through the lens of science fiction?
  • Maybe we should all take our shoes off for inspection before we get online. Or make us wait in an unguarded corral area for half an hour before we can enter the secured area. Or randomly pull users aside for full system scans. Or force users to their own drink breast milk before logging in.

    I sure as hell don't want them "attacking" computers online.

    • I always take my shoes off when I get online - penny loafers look funny when you aren't wearing any pants.

      Now where is that post anonymously button... Hold on, should be on the submit page.

  • jack spine writes; the US and allied countries should....

    jack spine should realize he is NOTHING

  • by Tei ( 520358 ) on Thursday October 14, 2010 @06:30PM (#33901670) Journal

    Anyone can fake the origin of a attack, so the basic rule about this is: never attack the attackers. If you do this, you can be used as a means to attack others!.. like your cpu power be used as part of a DDoS against a third party.

    Internet just don't work like that.

  • Ahahahah! Fools! (Score:5, Insightful)

    by gweihir ( 88907 ) on Thursday October 14, 2010 @06:35PM (#33901718)

    Seems to me these people still do not understand the threat. This is not warfare. It is vandalism, petty theft, corporate espionage and maybe some extortion. You cannot fight crime of this sort with a cold-war strategy. Several reasons:

    • It is hard to identify the enemy, and when you do it will often be single individuals and very small organizations
    • The enemy is not afraid of counterattacks, since it does not have a similar infrastructure
    • The enemy is often hiding behind stolen identities (for example hacked servers), so the risk of hitting the wrong target is very, very high
    • This conflict is hugely asymmetrical in that the attacker has very low costs and the counterattacker has very high cost
    • Different from the cold war, it is not two huge organizations against each other, but large organizations against a huge number of individuals

    This strikes me as basically an over-aggressive, "bully"-type strategy by people that like to employ violence, but are not very bright. It is doomed to fail from the onset. The situation is a bit similar to the "war on terror", but more like a "war on (petty) Internet crime". Fighting crime with military means has never worked and will never work. The way to fight crime is by I) better securing your property (but especially the government and military seems to be hugely incompetent in that area) and II) standard police work. The added complication is that this is an international problem, something the US is notoriously bad at tackling, since they do not understand the rest of the world at all. But bombing shoplifters is not something that is going to work, ever, and even not very bright people should be able to understand that.

  • Deterrent through force of arms never worked.

    That was the solution to the balance of power pre-WW1 if anyone remembers a bit of history. We all saw how that ended up.

    Meh, basing the entire future of the internet on "Go on, do it, I dare you" will not end well for anyone. I can already see an RIAA/MPAA sponsored 'attack' taking down most of the internet (and them meddlin` filesharers!) for a few weeks.
  • The newest terrorist tactic will be to simply compromise one system at a sensitive US installation and use it to attack DHS. It saves a step. Before this, you'd not only have to get access to the device, but you'd also have to know how to break it. Now step 2 is automated. You can also escalate the attack. If you have only unpriveledged access, but can send outgoing packets, you can now take it out.
  • by khallow ( 566160 ) on Thursday October 14, 2010 @06:43PM (#33901810)
    While I'm sympathetic to Chertoff's views, the problem remains that the tools he suggests are both too blunt for the purpose and may actually reveal important, low risk information for the adversary. As the title suggests, the US has a many decades history, since the Second World War, of using progressively more selected and targeted means of killing people. There are two reasons for this. A more focused weapon inflicts more damage on the intended recipients and less damage on third parties. However, to be used effectively, you need to have intelligence on your foes and sufficient control of the weapon so that it hits what you want it to hit.

    For example, in the absence of any intelligence, other than that "bad guy" insurgents are hiding in a certain city, then a nuclear bomb would be more effective than a smart bomb for causing harm to the enemy. The drawbacks of such a brutal and lazy strategy are pretty obvious, from huge loss of innocent life to the possibility that most of the bad guys survive the nuclear attack (maybe they're in a bunker or spread out so that a nuclear burst takes out only a few at a time). A smart bomb would be useless, a bad guy is more likely to die from traffic accidents.

    OTOH, intelligence on where exactly the "bad guys" are leads to the smart bomb being much more effective. A smart bomb delivered right to the basement is more effective than a nuclear bomb blindly lofted a dozen miles away.

    That sums up what I see as the first problem with Chertoff's proposals. Since the force is not focused nor based on decent intelligence, it doesn't harm the foe and harms innocents instead.

    Second, unfocused harm has the tendency to warn the enemy that you know something before you get a chance to significant damage to them. A worst case here would be a rigid retaliation procedure that a foe could use to map out the sensitivity of your defenses and deliberately trigger unpopular retaliation attacks on innocent targets.

    As it stands, there apparently is a large scale, systematic looting of US (and developed world) knowledge by unknown parties (often thought to be the Chinese government or Russian underworld). There should be a price paid for trying to steal millions or billions of dollars of information. I think that Chertoff's suggested approach is a losing strategy that doesn't help the US mitigate the loss from such activities.
    • by sempir ( 1916194 )
      If you know where the "bad guys" are then Smart Traffic Accidents are the answer, no tail backs to follow eg: jeezuz ...where did that come from?
  • Anyone with the name "shirt off" doesn't need to be commenting on the use of the internet.

  • Nuclear deterrence actually makes sense in the world of war where there is no physical possibility of being 100% certain to prevent an enemy from entering a state armed to the teeth, or sending in a nuke of their own. However, the internet has very few clear access points for any given institution. You're air-traffic control tower is suffering a cyber attack? Pull the plug on the router. The air-traffic control tower is suffering repeated cyber attacks? Time to fire your IT staff because they are idiots who
  • The person in the TFA goes on some random blabbering about "attacks on infrastructure" and "thousands at risk", proposes "cold-war, nuclear deterrence"-like strategy, then contradicts itself by saying "then ... incapacitating the platform used to attack is something that you have to do", then goes again to talk about "overwhelming force" and what not.

    There's no logic in that, and, if anything, it is the opposite of MAD, the dominating war strategy of the Cold war.

    The premises of MAD were clear -- a few powe

  • Maybe he said "nuclear due process" and the interviewer mistakenly wrote down "nuclear deterrence." He'd certainly never advocate destroying a US Citizen's computer without any due process! That would be just wrong! Chertoff's a former Assistant U.S. Attorney! I'm sure he respects the Constitution and would never advocate something so awful.

  • Destroying the countries where attacks originate is a broken doctrine, IMO. Use of force should always be measured, and focused, lest history revile us. The ease of false flag operations in "cyberspace" make the nature of our responses to attacks even more important. I would dismiss Chertoff out of hand were it not for the possibility that, rather than harmless BS, talk like this may encourage a doctrine that will allow our government to start wars and engage in various intrigues, to evil ends. Chertoff co-

  • My Proposal (Score:5, Funny)

    by Hoi Polloi ( 522990 ) on Thursday October 14, 2010 @07:58PM (#33902638) Journal

    I propose ignoring Chertoff.

    • Re: (Score:1, Insightful)

      by Anonymous Coward

      I second that. Chertoff was the idiot that claimed in the days afterward that the devastation Katrina caused to New Orleans was unexpected. Which is a load of crap given that people had been warning for decades that a major hurricane rolling over New Orleans would indeed be a complete disaster, the preparations for the possibility were inadequate, and there were several close calls that made it obvious (e.g., hurricane Ivan in 2004). What kind of head of the "Department of Homeland Security" wouldn't kno

    • I propose ignoring Chertoff.

      Sorry, bub, there's significant prior art on that one.

  • ... because when I saw TF title I wondered why the hell Melanie Chertoff would even have an opinion on the subject.

  • In other shock news today the American military-industrial complex suggested that the world become more paranoid and adversarial.

  • In his first ever public speech a few days ago, the head of GCHQ, Britain's equivalent of the NSA, explicity stated [infowar-monitor.net] that nuclear deterrence was not a suitable model for cyber defence "because small-scale but significant cyber attacks happen every day".

    It's unusual to see open disagreement between such statements, which are usually carefully orchestrated; I wonder whether it reflects an underlying conflict between DHS and the new Cyber Command, with GCHQ siding with Cyber Command?

  • Chertoff is an idiot (Score:3, Interesting)

    by grandpa-geek ( 981017 ) on Friday October 15, 2010 @08:09AM (#33906582)

    Chertoff was behind the preposterous program on CNN where a collection of lawyers sat around trying to play techies on TV. Most of them were probably technology challenged, and they focused on legal nonsense to deal with a weird technical scenario (a malicious cell phone app goes wild and shuts down the power grid).

    His crazy ideas led to the proposal to shut down the Internet in the event of national emergency.

    When he was in office he was behind a stunt where a cybersecurity attack was assumed and a piece of equipment was misused and rigged to tear itself apart -- on TV -- by doing something that has been known for decades to be a no-no.

    The only value of Chertoff's nonsense is publicity for the issue. Everything beyond that is idiocy.

    Cybersecurity is clearly a serious concern and work needs to be done to improve it for critical infrastructure. But off-the-wall ideas coming from Chertoff are not the way to move forward. Instead, we should have people who know what they are doing lead the effort.

  • Michael Chertoff needs a good lesson in the Internet or some hacker somewhere is going to cream his (or her) pants if this gets implemented.
  • No, really look at this:

    http://csrc.nist.gov/publications/history/myer80.pdf [nist.gov]

    I had a fellow Researcher send this to me this morning - it blows the lid off of what I've been speaking (LOUDLY) and writing about for years - here and other places, basically Subversionhack:

    http://subversionhack.livejournal.com/ [livejournal.com]

    https://tagmeme.com/subhack/a/ [tagmeme.com]

    ^ 2nd site has Certificate Expiration problem ^

    Chertoff article:

    "Chertoff told ZDNet UK at the conference that cyberattacks on critical national infrastructure could put thousa

"An open mind has but one disadvantage: it collects dirt." -- a saying at RPI