Latest News Stories:

• NORAD Intelligence Blackout
• Y2k -- You´re Okay
• Amiga Sold
• OSAll Plans
• The Belgians Need Our Help
• Back from Vacation
• Standards in Compsec
• NSA FOIA Request
• Happy Birthday Attrition
• More News...

Only $31.95

New Methodology:

• AS/400 Security
• Is YOUR Network Secure?
• Case Study: Stupidity of Sys Admins
• Solaris Auditing Overview
• Understanding NetBIOS
• Checking For RPC
• Sniffing FAQ
• More Soon...

Product Reviews

OSAll is starting to do weekly product reviews, to be published every single Friday.  Check out software, book and hardware reviews.

 Check it out!

Front | Methods | BBS | FAQ | Adverts | Mail | Write | Link | Shop

"Y2k, all hype, all the time."

Government Gets Serious

Mike Hudack
Editor-in-Chief

On Thursday, the Technology Subcommittee in the Committee of Science was host to computer security experts.  The hearings were examining the impact and status of Government computer security measures.

According to the experts, who were in the employ of the Government, both Web sites and computer networks were left vulnerable to hackers and crackers.  According to Michael Jacobs of the NSA, who spoke to the subcommittee, information about attacks on sensitive and confidential computer networks is "very sketchy."

The experts who spoke to the subcommittee specifically spoke of low salaries among computer security experts in Government employ.  They stated that commercial salaries were so much more competitive that many of the good security people were leaving the Government for the private sector.  Keith Rhodes, technical director of the GAO, said the Government "train[s] people at government expense and the private sector waves a bigger paycheck and takes them away."

The subcommittee heard reports stating that agencies need to "implement vigorous security programs."  Without them, they said, proprietary Government information, confidential tax records and public information sources are at risk.

A big problem with Government security is, as OSAll has reported several times, that the culture just isn´t security-conscious.  Raymond Kammer, director of NIST, said that little advice is actually followed by the agencies being advised.  Likewise, a Government expert OSAll spoke to said "they just ignore us.  It´s like we´re not even there.  It´s all about ease of use -- they couldn´t care less about security."

The House is hoping to change that.  Representative Connie Morella (R-Md.) suggested that Federal agencies should report to Congress on a regular basis about their security.  She has already been planning to revise and update the Computer Security Act of 1987, and plans to include this provision.

According to several people responsible for computer security implementation, this provision would "greatly increase our importance.  With such accountability, they´d have to listen."

Ironically, at the same time the House was entertaining this issue, additional Government Web sites were defaced.  Both the Monmouth Army Base and the Argonne National Labs were defaced.

Don´t forget to discuss this issue on the OSAll BBSystem!

All content copyright 1998 - 99 unless book covers or otherwise noted.  Book covers copyright 1998 - 99 Amazon.com.  All OSAll-owned content may be reprinted with the following header added: "Copyright 1998 - 99 Owl Services.  Visit aviary-mag.com for computer security news and information."  Article authors retain a non-exclusive right to republish their work.   324