Comments on: DHS needs fresh ideas on cybersecurity, experts say

A successful public-private partnership to combat cyberthreats will require more trust and forward-looking ideas, policy experts say referring to Homeland Security.

[Solaris_User]

The Department of Homeland Stupidity needs to disappear.

I don't want the government anywhere near the internet. Let private companies continue to provide products that secure computers as we have been doing.. since we had computers. They are apparently much better at it than government. Remember all the FBI hacks that use to go on? Do they even have e-mail working yet?

[n3td3v]

Yup, disband the DHS... let government departments organise their own cyber security operations individually.

[Harrison912]

I'm not so quick to say we need to disband the DHS but I don't think we need them legislating our computer security. When that happens, the small business owner like me, gets stuck with a huge financial liability in order to comply with legislated standards. It could put my safety and security web site out of business all together.

[chash360]

There needs to be strict standards enforcement, in software design. These standards need to include that no system connected to a network will execute code directly transmitted over the network. Executable code, should always be transmitted as static data, then installed on the system in question by the user or admministrator of that system, in such a manner as it can be scanned and tested for malicous behavior without access to the network. It is violations of standards that have allowed this rampant distribution of malware in the first place. Staight HTML 1.1 (no scripting, no activeX, no Java, etc.) is still pefectly capable of 90% of the things we do over the internet, and can be completely secure from remote hacking. All these new things that have arrived out there are purely for the ease on the programmers/architects to eliminate the complexity of how to accomplish the same things following strict security principles, of static data transmitted in autonomous transactions. If security was always the priority 1 in code design we would not be vunerable to most of the cyberthreats that exist. The remaining amount is in the way kernels handle errors, not properly checking for buffer boundries, isolating processes, and cleaning up their garbage, when they crash (I believe this to be intentional, software has no moving parts, it does not wear out, every security vunerability that exists was in the software to begin with, if they truly fixed it it would be fixed forever). This would not prevent innovation, nor neccessitate the need for government backdoors and surveillance that violates any kind of privacy. They created the disease, and are trying to force you into a treatment (not a cure) that comprises your security and privacy. Eliminate the potential for the problem, and you won't have to waste time trying to fight it all the time.

DHS is not the agency that can accomplish this.

[Cosmo_deMedici]

From: Deep Inside the Capitol Beltway
To: America

Calling the folks who served on the one-sided panels at Chairman Bennie (I need more business in MS and don?t bother me with national security) Thompson's forum experts is the equivalent of agreeing that Fox News is completely fair and unbiased. Chairman Thompson and most of the folks on the panels were more after scoring political points using misinformation and the inflammatory rhetoric. I was there!

Wishing DHS away is pointless as is having a pre-September 11th mentality; Both are non-starters with real world politics. DHS?s role is to coordinate on cybersecurity and the internet that the U.S. Government sponsored/created ? carrots and sticks would be a nice addition to help do that, but don?t count on it. Congress has NOT finished passing legislation for the 9-11 Commission recommendations, and they will not get all the OLD BULLS (Committee Chairmen) to agree.

Only DHS can do this, as the only other Federal agency that knows cyber better is DoD. So pick DOD and say "Oh Well, I wasn't using my civil liberties anyway." At least DHS is a law enforcement based organization that knows the limit of its authority (every cop knows it - the question is do they cross it).

Moreover, DHS has done more for PRIVACY than the law requires ? they apply citizen rules to everyone?s data. Y?all think Congress is going to update the PRIVACY Act? Get Real, we will be lucky if we get E-Gov reauthorized.