Re: In an Era of Russian Hacks, the US Is Still Installing Russian Software on Government Systems

[Note:  This comment comes from friend David Reed.  DLH]

From: dpreed@reed.com
Subject: RE: In an Era of Russian Hacks, the US Is Still Installing Russian Software on Government Systems
Date: June 15, 2017 at 1:47:37 PM EDT
To: dewayne@warpspeed.com

The idea that software is “Russian” and that “Russian” means “enemy” in some unilateral way is an instance of terribly bad thought processes.

As another example, nearly every piece of high tech gear sold by so-called “American” companies is largely designed and manufactured in the People’s Republic of China (or in Taiwan, which is hardly insulated from mainland Chinese infiltration and control).

“American” companies, like “IBM” and “Hewlett Packard” are not in any sense American. Their workforces and supply chain are international.

This tendency to Nationalism may have made sense around the 1940’s when countries were self-sufficient. It makes no sense today.

(Of course, the ignorant leadership of the US and UK play into this absurdist conception of Nationalism to rally supporters for “America First” thought patterns).

Is this merely amusing? No. When you try to write laws or to protect your *citizens*, making such egregious mistakes as assigning “risk” to absurd nationality-of-origin claims is massively counterproductive.

Is Huawei or Foxconn or TSMC or all the other suppliers of hardware, software, microcode, design services, … a tool of national interest?

The answer is, yes for sure. But *what* national interests? And what *other* interests?

Can we be safe by creating some new kind of economic entity that builds technology in some kind of “clean room” where people who *never interact in any way outside of that clean room* do literally everything?

Of course not.

So let’s be practical. Tracing of commercial sourcing and supply chains are the *wrong* place to build in safety and security.

Loyalty oaths and citizenship tests are the worst possible approach, and using them for political rabblerousing is ignorant and stupid.

There are lots of better ways to engineer safety and security into systems composed of imperfectly reliable and imperfectly securable parts. We know how to do that.

But fear-mongering is not constructive, especially based on bizarre logic that ties nationalism to the wrong pieces of the process.

In an Era of Russian Hacks, the US Is Still Installing Russian Software on Government Systems 
By JOSEPH MARKS 
Jun 14 2017 
http://m.nextgov.com/cybersecurity/2017/06/era-russian-hacks-us-still-installing-russian-software-government-systems/138683/

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s