A career-defining, oscar-worthy, breakthrough performance was just witnessed. Over the course of 23 days, Lindsay Lohan managed to successfully convince doctors that she doesn’t need to be in rehab anymore.
Nobody said it better than Jon Lovitz, as the Master Thespian:
I was ACT-IIIIING!
Sheesh. I give it two years, tops, until she joins Michael Jackson and AnnaNicole down in the Carribean.
During my daily ritual of coffee-drinking, news-reading, and soft-porn-surfing [insert inappropriate witticism here], I stumbled on something that’s starting to concern me. For those of you that are regular rant readers (or recipients), you’ll recall I don’t get “concerned” often. Irate, annoyed, exasperated, irritated, and/or livid, yes. Concerned – rarely.
This particular “concern” comes from the public notice to comment on the FCC’s plan to develop a Cybersecurity Roadmap as part of the National Broadband Plan. At first, I was tickled. A chance to make waves with a little Jovian Judgementalism ™. Then I started really reading what they’re asking for…
The National Broadband Plan is a sweeping 360 page document, laying out a high level set of recommendations that are intended to make broadband access accessible, affordable, effective, ubiquitous. A good portion of this document is targeted toward market incentives to build out infrastructure and leveraging this new utility for enhanced safety procedures. Super stuff. But concerns start in chapter 1…
Concern 1:
Until recently, not having broadband was an inconvenience. Now, broadband is essential to opportunity and citizenship.
Broadband is essential to citizenship? Does that make it a “right”, as a citizen? Will all citizens have the unalienable right to broadband access? Does this mean that the government must make broadband available to a teepee out in the mountains, where some hermit / genius is plotting to take over the world? I wonder if one might be able to eventually sue an employer for discrimination? What do I think? Thanks for asking. I think it’s like hunger or starvation. If you’re starving to death and you live in the middle of the desert: move to where the food is. Please don’t rely on the government to assist companies to bring the damn food out to your hut.
Concern 2:
Congress should consider providing additional public funds to connect all public community colleges with high-speed broadband and maintain that connectivity.
Educational institutions are typically one requiring “high-collaboration” and take the “information should be free” approach to things. They also happen to be cesspools of insecurity. Anybody who’s worked in higher ed or in state government can tell you that a large amount of cybersecurity “noise” comes from rooted / infected systems at colleges. I really don’t want to have MY money spent on exacerbating a problem that this plan also claims to address, in the next major concern, below:
Concern 3:
The FCC should work with Internet service providers (ISPs) to build robust cybersecurity protection and defenses into networks offered to businesses and individuals without access to cybersecurity resources. ISPs that participate in this program should receive technical assistance from the federal government in securing their networks.
Oh, no. No, no, no. ”Without access to cybersecurity resources”? What the heck could that mean? Will an ISP make that call? Will Qwest decide that I’m not “robust” enough, and they need to do something for me? Will they bill the government for a firewall for my network (with “appropriate markup”, no doubt)? If I don’t have content filtering (or maybe my ISP thinks I don’t have a good enough solution), will they start monitoring / filtering my traffic for me? Not a good idea. I’ve got enough regulations to worry about just trying to do business – don’t make me have to prove my worth to yet another party to whom I’M THE CUSTOMER.
Concern 4:
The FCC and DHS’s Office of Cybersecurity and Communications together should develop an IP network CIRS to accompany the existing Disaster Information Reporting System. CIRS will be an invaluable tool for monitoring cybersecurity and providing decisive responses to cyberattacks.
Ugh! Didn’t anybody learn anything in the last friggin’ decade about crisis communications?? Don’t use the same damn network that you’re trying to defend to “provide decisive responses” with! Holy crap this is short-sighted – unless by “invaluable”, they actually mean “worth nothing”.
Concern 5:
Within 180 days of the release of this plan, the FCC should issue, in coordination with the Executive Branch, a roadmap to address cybersecurity.
Wait, who’s going to do this now? What exactly are they going to accomplish? How many people now have their fingers in the pie? I suppose that’s why it’s out for comment. By the time I got to this, I ran out of steam (and time) and don’t really care to comment anymore.
What promoted me to rant about this, you ask? The FCC decided to include one of my favorite poorly thought out quotes RIGHT AFTER the recommendation to create a cybersecurity roadmap:
Admiral Mike McConnell, former Director of National Intelligence, said recently that “the United States is fighting a cyber-war today, and we are losing.”
Great. The friggin’ FCC fell for it, too. I’m sure McConnell went to War College and he should really know better than to toss words like that around. For more cyber-war commentary, see this, this, and this. Maybe that’s why he hyphenated it, so he isn’t in violation of the Geneva Convention which appears to outlaw that.
Stick around for part 2 of this, where I try to untangle all the govvies that want to control “cyberspace”.
What’s up with the sticky-sweet pinkness? Part of my Love Letter to the Editor, my ode to Siobhan Gorman.
My one true love
Dear Siobahn -
It’s been a while since we spoke. I’ve been missing you terribly, pining away late at night, wondering how you’ve been and if you’re thinking of me; hoping some day we can be together. How I’ve missed your classy yet horribly vague prose; your beautifully shaped sense of entitlement to advance your own agenda, and, more than anything else, your sexy sleek style that avoids those ugly traits like “reliable sources” and “references”. I’ve been reduced to watching reruns of 60 minutes, hoping you’d come back to me.
But now, I’m so happy to see you’ve had a change of heart and come back, publishing your latest piece on the DOE (INL) report about SCADA vulnerabilities. Ah, sweet, sweet Siobahn. I’m elated by your return - my dear, sweet, source of ranting inspiration…
But wait – what’s this? Have you been … deflowered? Has some horrible, dastardly person/editor stolen your chaste treasures? Please say it isn’t so! I’m not sure I can take the heartbreak… It appears you’ve now taken to that nasty habit of “quoting” your sources and summarizing factual “reports”. Woe is me! Where, oh where has my love gone? Your latest ode has none of the qualities that have previously made you the object of my affection – no unnamed sources, no vague references, and it’s filled with – it so pains me to say this – with fact! You’ve broken my heart, dear Siobahn, and have left me wallowing in loneliness. How, tell me, how can I go on without you? Please, please, just give me a sign – a glimmer of hope that you’ll return…
Just … – is that … is that you? Did I just see it? Does this mean you still love me?? YES! You must!!! I’m so sorry – I must have misunderstood you, being confused and frightened by your long absence. I’m so, so terribly sorry – I think I see it now:
You’ve conveniently avoided linking to the report, just like the “old you”. And there it is again – you’ve called a three month old report “recent” – using those creative words to make old news look new. And best of all – you’ve shown the depth of your love by conveniently avoiding this first sentence from the report under “Most Significant ICS Vulnerabilities”:
The most significant vulnerabilities identified in ICS are those that allow unauthorized control of the physical system. Compromise of the ICS’s availability and ability to function correctly may also have significant consequences.
And you did so to caringly craft the article to imply that cyber vulnerabilities are rampant and will be the cyber armageddon that we should all don tinfoil hats for. Sweet, sweet, return.
Ah, yes… Yes, that’s the Siobahn I know and love. I knew you still loved me, too.
Yours Faithfully,
Jim
P.S.: To my rival “suitor”, John Kerber - Your attempts to woo her with accusations that 2003 (through 2009) are ancient history will FAIL – as reported by people in the industry like yourself: systems haven’t changed in 10, 20, or even 30 years, so clearly 2 years ago can’t possibly be considered “ancient”. Stay away from my girl – I was here first!