U.S. Authorizes Cyberoffense Defense

The FY2012 defense authorization act of December 13 included the following:

Congress affirms that the Department of Defense has the
capability, and upon direction by the President may conduct
offensive operations in cyberspace to defend our Nation,
Allies and interests, subject to–
(1) the policy principles and legal regimes that the
Department follows for kinetic capabilities, including the
law of armed conflict; and
(2) the War Powers Resolution (50 U.S.C. 1541 et seq.).

It goes on to say that spying also is authorized:

Military activities in cyberspace (sec. 954)
The House bill contained a provision (sec. 962) that would
clarify that the Secretary of Defense has the authority to
conduct clandestine cyberspace activities in support of
military operations pursuant to the Authorization for the Use
of Military Force (Public Law 107-40; title 50 United States
Code, section 1541 note) outside of the United States or to
defend against a cyber attack on an asset of the Department
of Defense.

And finally, the War Powers Act may not be applicable:

The conferees stress that, as with any use of force, the War
Powers Resolution may apply.

Oh, whoops, that says it may apply. I take that to mean force is authorized until someone objects or just notices that it should have been regulated under the War Powers Resolution. Obviously I’m not a lawyer, though.

The most interesting aspect of the development is how it could have a ripple effect to the private sector. As I wrote earlier, the Senate is talking about 2012 as the year for the government to retake a leadership role and help drive the security of unclassified, non-military computer systems.

NIST’s involvement after the Computer Security Act of 1987 was for that specific purpose so they technically aren’t forging new ground but rather back on a path started under the Reagan administration.

On the other hand this announcement that the government will invest in “offensive operations in cyberspace to defend” might just be the green light that some companies have been looking for to legitimize and subsidize their own “gray” or even “black” operations.

Is your information security department capable of a non-kinetic defense or gray cyberoffensive defense? Follow the U.S. government’s lead and you may have your team cracking servers, manipulating social networks and stealing credentials from your threats in no time, within the laws and purposes of defensive action of course (e.g. add a good lawyer to the team).

Updated to add the Preemptive Strike iPhone Theme. Don’t push that red button.

iPhone Preemptive Strike

Diving Under Antarctic Ice

I get chills just looking at the series of photos from a National Science Foundation photography mission and thinking about the survival gear necessary for a human.

The National Science Foundation Office of Polar Programs sponsored an underwater photography team to dive out of the US Antarctic Program’s base at McMurdo Station, on Ross Island in Antarctica. For three visits in late austral spring, photos were taken on scuba dives and field excursions at locations around McMurdo Sound: Ross Island and the Antarctic mainland. The team was led by Norbert Wu, a professional underwater photographer/cinematographer.

Here is a very small crop from my favorite photo of the entire series. You can probably guess why.

The Norbert Wu collection says it holds more than 6,000 research images, and he has been awarded the “Antarctica Service Medal of the United States of America ‘for his contributions to exploration and science in the U.S. Antarctic Program.’”

Senate to cook up a new FISMA

FederalNewsRadio.com reports that FISMA updates have been attempted before in 2008 and 2010 and gone nowhere. 2012 could be different, though.

The article says one area of emphasis seems to be borrowed from the latest food and health regulations. Preference will be given to vendors who do not fry or sauté security into their products.

Lieberman said Congress would encourage agencies to only buy from vendors who “bake” security in from the beginning of development.

“Using the federal government’s purchasing power, I believe would help prod technology companies to produce more secure products, which would then be available to businesses and consumers,” he said.

No word yet on whether steaming is acceptable.

Here’s another area of change to watch:

Our legislation would also provide liability protection for owners and operators who are in compliance with their approved security plans

That sounds familiar. PCI DSS has a similar theory. Many people ask me whether compliance brings complete liability transfer or exclusion. It does not. Changes to FISMA likewise probably will not offer protection against all liability but instead offer some amount of protection — reducing the penalties/fines compared with being breached while also out of compliance.