Military Appoints General To Direct Cyber Warfare 132
Posted
by
timothy
from the barry-corbin-not-available dept.
from the barry-corbin-not-available dept.
An anonymous reader writes news from The Guardian, excerpting: "The US military has appointed its first senior general to direct cyber warfare – despite fears that the move marks another stage in the militarisation of cyberspace. The newly promoted four-star general, Keith Alexander, takes charge of the Pentagon's ambitious and controversial new Cyber Command, designed to conduct virtual combat across the world's computer networks. He was appointed on Friday afternoon in a low-key ceremony at Fort Meade, in Maryland."
"militarisation of cyberspace"? (Score:5, Insightful)
I guess someone has never heard of DARPA.
http://www.darpa.mil/ [darpa.mil]
Remember you are .mil and to .mil you shall return (Score:5, Insightful)
More Important Than Alexander's Qualifications (Score:5, Insightful)
Right now, it doesn't matter. He apparently knows how to use people who know more than he does. To me he proved that when he took out the honeytrap site (stupid move, but whatever).
From TFA:
This is the key point. Unfortunately the Federal government is SUPPOSED to move slow. The unfortunate part of that is something like cyberwarfare will always outstrip even the ability of a state government (with the assumption being that state government is meant to move quicker to respond directly to the needs of it's people) to make policy governing its use.
Soooooo....*shrugs*
I'm kind of torn on this. Let the government grind slowly away at policy like it should, or enable them to make snap, on-the-fly decisions with far-reaching ramifications. No matter what you choose, it's the wrong answer.
Re:Qualifications (Score:4, Insightful)
Yes, he's qualified! Now - typical government (not just military) "US air force disclosed that some 30,000 of its troops had been re-assigned from technical support "to the frontlines of cyber warfare"" and ".. Pentagon has been more explicit, stating on Friday that Cyber Command will "direct the operations and defence of specified Department of Defense information networks [involving some 90,000 military personnel] and .."". Wow - maybe double the manpower, then the baby will be born in half the time!
Anyhow, assuming that General Alexander get's enough authority, doubtful!, network security, etc could / might get better. The question is not just "Cyber Warfare", that's a nice sounding term but doesn't really mean much. Often military research has benefitted everyone - we can only hope that it's same in this case!
Re:Qualifications (Score:4, Insightful)
I sure hope this "Cyber Warfare" General knows something about computers, because consultants, and especially computer consultants are very high priced.
I don't imagine, even if the good General "knows something about computers" that he's going to be spending time running around and making sure everyone's printer working fine.
I sure how he knows how to organize an outfit.
Re:"militarisation of cyberspace"? (Score:5, Insightful)
Re:Remember you are .mil and to .mil you shall ret (Score:3, Insightful)
The Internet is a network of networks of computers. It's not a military playground, and just because DARPA were involved in the creation of it doesn't make it American property.
Anything of critical importance such as military kit, medical kit, power, gas, and water infrastructure should not be on the Internet at all.
Re:I am the very model of a modern Cyber General (Score:2, Insightful)
Owww. You have a four-digit Slashdot id, but you don't even know your Gilbert and Sullivan?
Please turn in your geek card.
Re:Internet 2 is not the full answer (Score:3, Insightful)
Take care of that how? By random napalm attacks against anyone who looks a bit shifty? ... There is no need for warmongering.
You have a very limited understanding of what the US military does if you think it exists soley for wars.
Re:Qualifications (Score:5, Insightful)
At that level you are assigned high level goals (like making sure Google doesn' t get hacked by the Chinese.)
Your job is to put good level middle level managers in place to hit a chunk of those individual goals.
The job of those managers is to put good low level managers in place to manage the implementation of the details of one of those goals singly.
The job of the low level managers is to hire you and I to actually do the work, to keep us motivated to deliver that single goal.
The job of you and I : actually care about the details and get it done.
Actual domain knowledge about the minutiae doesn't hurt, but it doesn't really help either.
That said, I think they'd be a lot better off with Thresh - he has a proven record of just pwning on the cyberwarrior field.
Actually not the problem. (Score:4, Insightful)
I've been reading "cyberwar" by Richard Clark. He didn't have anything bad to say about the guy in the story, except that he was the only person willing to take a (pretty much identical) position, that Clark had himself vacated. According to the book the US is actually very very good at cyber attack. But he also says that businesses, he specifically calls out Microsoft, have lobbied extensively, not just to have the government look the other way from their bugs, and keep using their software, but to not regulate security for private business. DHS protects .gov, this cyber thingy protects .mil. No one protects .com and .org. None of the companies want to have security regulations placed on them (including power grid, and financial systems), and neither the previous administration or this one wants to force them. I'm generally against regulation and consider it a bad thing (tm), (its like my department noting they are going to hire more managers, again), but he does make a compelling case. The guys (apparently a very small group) he spoke with at blackhat apparently were persuaded as well, though they (and he) are worried about what sort of oversight is needed, to prevent privacy and worse abuses. Its all well and good to force ISPs to disconnect people detected to be part of botnets until they get their machine cleaned, but false positives that correlate strangely with unpopular opinions on the websites is a truly frightening idea. On the other side, who can argue that FDIC insured banks don't have an obligation to keep the insured money safe per the guidelines of the insurer?