Feeds

Ex-Microserf Schmidt as govt cyberterror Cassandra

Apocalypse soon

  • alert
  • submit to reddit

New hybrid storage solutions

This month's dose of demented prediction comes to you courtesy of Howard Schmidt, chairman vice of the US President's Critical Infrastructure Protection Board.

Alleged "zero-day viruses and affinity worms" will sunder business records, as reported in Network World Fusion and credited to a Schmidt speech at an Information Systems Audit and Control Association (ISACA) conference. Brokerage house trading records will be scrambled, corporate networks rendered molten, CEOs humiliated.

This is not the worst. Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet, declares Schmidt. The power grid could fail catastrophically by 2005! Cats and dogs fornicate in the street as the sky turns black as sackcloth.

It seems the Warhol worm, once mentioned recently in this column as allegedly capable of infecting the world in fifteen minutes, is senile by comparison. In the arms-race-like rhetoric of horror virus description, the zero worm infects almost instantly. What could be next? Perhaps a temporal virus so fiendishly virulent at the quantum level of the chip that it moves backward in time, infecting everyone with a PC the day before some anonymous ninny on the Internet becomes the first infection.

Whether the bearers of such news are carillonneurs or cullions in these matters depends upon how experienced an observer you are of the computer security junket fest.

If it's the first time for you at one of these cons, where your employer coughs up anywhere from $500 - $1900 for the price of admission, Schmidt's virus alarums might seem quite remarkable, even prescient. The remora-like journalists who get in gratis will assuage any lingering doubts you have as to the value of his lecture by emphasizing the most fantastic elements of it in the trades. If your boss reads the published result, it's all good. You were educated at the feet of the guru.

But I must rain on the parade. Nothing more than mutton passed off as lamb, folks. The sizzle is the main ingredient of a message that is repeated so often it can only be taken seriously as publicly-funded performance art.

In simplest terms, Schmidt is a computer security celebrity junketeer, a highly specialized occupation somewhat obscured by an official biography bulging with professional-strength acronyms. Much of his time is spent as a featured speaker jetting around corporate America. Search engines return Schmidt lectures everywhere in 2002: Atlantic City/HTCIA 2002 con, Cybercrime 2002, IT Business Forum, RIMS.ORG, New York State's "Cyberstrategies," the Chicago National Cybercrime Conference, South Sound (Washington), the National State Association of Chief Information Officer's midyear confab, High-End Computing in an Insecure World, WSATA 2002 (the Western States Association of Tax Administrators), Trust & Security in Cyberspace at the Center for Strategic and International Studies, Defending Against Information Warfare, the Secure e-Business Executive Summit, Winning the War on Cyberterrorism at Washington University of St. Louis, Microsoft's Government Leaders 2002...

Ouch, I feel an airline coach-class thrombosis coming on just browsing the list!

As a deliverer of keynote addresses, Schmidt has created a powerful image of furious action in the name of national security. Indeed, he has become an invaluable mover in the computer-trouble industry economy.

Not for everyday public idlers are these affairs, oh no! Vendors and sponsors pay handsomely to crowd the display ballrooms, showcasing turnkey services and wares enticing to the corporate foot soldiers and fellow junketmen who have just been teased with an appetizing whiff of techno-apprehension, courtesy of a good Schmidt speech.

The talent for junket was developed while at Microsoft. As Redmond's computer security czar, the tour of meetings was similar. Politically, the message differed slightly in service to Microsoft directives. Viruses weren't as cataclysmic. Generally, this was a good position to cling to while the likes of Melissa, Loveletter and Code Red were ripping through your company's software. By example: "I'm not going to come up here and tell you the sky is falling," Schmidt said at a Tulsa University infosec conference as Microsoft Chief Security Officer.

On the other hand, familiar territory is traveled in calls for more secrecy. At Microsoft, this was delivered as anguished laments on the practice of full disclosure and "information anarchy." When speaking for the government, it has become a desire to add a corporate exemption to the Freedom of Information Act, although no one has said how such a thing will prevent the "zero-day virus."

© 2002 SecurityFocus.com, all rights reserved.

Security for virtualized datacentres

More from The Register

next story
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.