Apple to enhance security across supply chain following White House meeting

Posted:
in General Discussion edited August 2021
After Apple CEO Tim Cook met with President Joe Biden on Wednesday, the company is expected to create a new program focused on increasing security and cyber threat awareness across its technological supply chains.

Supply Chain


Apple's program will introduce security enhancements to its supply chain, including the adoption of multi-factor authentication and security training, the White House said, according to CNBC.

Cook and a cadre of tech industry elite met with Biden on Wednesday to discuss cybersecurity concerns in the wake of a rash of attacks that impacted key U.S. infrastructure and technology entities. Along with Apple, companies like Google, IBM and Microsoft committed to security efforts including the development of new industry standards, supplying other firms with more effective security tools and providing training for cybersecurity jobs, the report said.

Apple's pledge was the least specific of those offered by Big Tech firms represented at today's meeting.

Microsoft pledged a $20 billion investment in security solutions over five years, CEO Satya Nadella said in a tweet. He added that $150 million will help U.S. government agencies upgrade their existing systems and expand the company's cybersecurity training partnerships.

Google promised to invest more than $10 billion over five years toward cybersecurity efforts and said it would train 100,000 people in IT support, data analytics and other related fields through its Career Certificate program, CEO Sundar Pichai said in a tweet.

IBM committed to the training of 150,000 people in cybersecurity skills in three years and announced a new data storage solution for critical infrastructure companies, the report said. The company also said it would partner with Historically Black Colleges and Universities to further workforce diversification, and noted that it is currently working on encryption methods for quantum computing.

Amazon Web Services plans to roll out free multi-factor authentication devices to account holders and said it will offer "Security Awareness training" to organizations and individuals, according to CNBC.

During the meeting, Biden framed cybersecurity as an urgent matter of national security and called on the private sector to beef up existing assets.

"The reality is most of our critical infrastructure is owned and operated by the private sector, and the federal government can't meet this challenge alone," Biden said at the meeting, according to The Washington Post. "You have the power, capacity and responsibility, I believe, to raise the bar on cybersecurity. Ultimately we've got a lot of work to do."

Read on AppleInsider
«1

Comments

  • Reply 1 of 24
    Anyone ask BlackBerry? Yeah it’s Canadian but still - that’s their bread and butter. 
  • Reply 2 of 24
    It should start with the Government agencies. If hackers can access private datas how much more are the government which are slow w tons of gaps….Good Luck w that.  
  • Reply 3 of 24
    Anilu_777 said:
    Anyone ask BlackBerry? Yeah it’s Canadian but still - that’s their bread and butter. 
    Reading your first sentence, I started laughing. Then I saw your second sentence and realized that you weren’t joking. I wasn’t sure that BlackBerry was even still in business. I know that they haven’t produced their own Operating System since 2015 and I’m not sure if they’ve had any new products at all since 2018.
    darkvaderwatto_cobra
  • Reply 4 of 24
    crowleycrowley Posts: 10,453member
    Anilu_777 said:
    Anyone ask BlackBerry? Yeah it’s Canadian but still - that’s their bread and butter. 
    Wouldn’t that be a riot, if Apple turned to, or bought BlackBerry, to help sort out their security issues.
  • Reply 5 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    This is so sad....
    We are apparently taking the same approach to hackers as we took to the Corona Virus:   H I D E    F R O M     I T !

    With the Corona Virus, instead of aggressively attacking the virus we were told to (ONLY) hide in our houses or hide behind masks.   While admittedly better than nothing, it allowed the virus to roam our streets and stalk our schools and businesses infecting as it went.   South Korea, China and others went after the virus instead of hiding from it and controlled it successfully -- while protecting their people and economies.

    Likewise, while cyber thieves and hackers roam our nation looking for openings we plan to play defense only -- with billions of dollars spent trying to block their entrance.

    The analogy to both is:  A serial killer roaming the streets:   Would you tell your people to hide behind locked doors and shuttered windows till he decides to stop?   Or, would you send police out to find him and stop him?

    THAT is what we need for cybercrimes and hacking:   Aggressive Offense.   Not defense.   Criminals will always find a way around any defense if given free rein and enough time.

    (And, another is to hold businesses accountable when their customer's data is stolen.  My data has been stolen from a business at least three times -- and none of those businesses suffered any consequences.  So why would they devote resources to stopping it?)
    jony0
  • Reply 6 of 24
    This is so sad....
    We are apparently taking the same approach to hackers as we took to the Corona Virus:   H I D E    F R O M     I T !

    With the Corona Virus, instead of aggressively attacking the virus we were told to (ONLY) hide in our houses or hide behind masks.   While admittedly better than nothing, it allowed the virus to roam our streets and stalk our schools and businesses infecting as it went.   South Korea, China and others went after the virus instead of hiding from it and controlled it successfully -- while protecting their people and economies.

    Likewise, while cyber thieves and hackers roam our nation looking for openings we plan to play defense only -- with billions of dollars spent trying to block their entrance.

    The analogy to both is:  A serial killer roaming the streets:   Would you tell your people to hide behind locked doors and shuttered windows till he decides to stop?   Or, would you send police out to find him and stop him?

    THAT is what we need for cybercrimes and hacking:   Aggressive Offense.   Not defense.   Criminals will always find a way around any defense if given free rein and enough time.

    (And, another is to hold businesses accountable when their customer's data is stolen.  My data has been stolen from a business at least three times -- and none of those businesses suffered any consequences.  So why would they devote resources to stopping it?)
    What you are saying is inaccurate. I have no idea what you mean by “aggressively  attacking the virus”. The only thing that attacks the virus is the immune system i.e. vaccination. The way that China avoided the virus was by locking people in their houses. During the so-called “lock-down” in the U.S. very few  people were pulled over by the police asking why we were out on the road. In China they literally welded the doors shut. Plus in China the people basically went along with all of the draconian measures because in Asian countries the people generally trust their government much more than in the West. In other Asian countries like South Korea they very aggressively did contact tracing and quarantine measures to stop the virus. They also did this in China but much more aggressively . I should point out that in China most people were just told not to leave their houses and for the most part they complied. They were only rarely actually locked in.

    Your last 2 paragraphs also makes no sense. In the majority of cases that someone is hacked it is from simple good practices that people are not following. For example bad passwords or not implementing 2-factor authentication or getting phished. People have tried to phish me many times. I received an e-mail recently that said I need to change my Apple ID password immediately or I will be locked out and they provided a link. People need to stop reflexively clicking on links without thinking.

    Their is nothing wrong with the government stepping up to the plate with security measures that will at least slow down all of these businesses from getting hacked. It’s not possible to go after the bad guys because they live in countries that are our adversaries and we can’t easily get to those people. Defensive measures are not at all a bad idea. 
    watto_cobra
  • Reply 7 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    What do I mean by attacking the virus?
    China, S Korea and others not only quickly instituted mask wearing but aggressively identified and removed the infection from their society through aggressive testing and contact tracing.  If you were infected, they identified that then identified those you had infected and prevented the infectious from infecting others.  
    ...  We did none of that.  Instead we were told to hide in our houses and (eventually) behind masks -- which was an obviously ineffective strategy.

    The result?
    While we had 500,000 dead and a crashed & trashed economy
    China had less than 5,000 dead and a thriving economy

    But, I shouldn't complain:   I made $80K in the stock market off of our stupidity and ineptitude.

    As for hacking, we are following the same kind of ineffective, defense only strategy.
    If hackers want in, given enough motivation and time they will get in.  Saying the victim's lock wasn't big enough is simply victim blaming.
    ...  Until we stop the hackers, the hacking will continue.
    ...... Just as:  until we stop the virus, the deaths will continue.

    Hiding from either is, at best, a temporary, stop gap measure.  It will solve nothing.
    edited August 2021 jony0
  • Reply 8 of 24
    dewmedewme Posts: 5,328member
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    muthuk_vanalingamGeorgeBMac
  • Reply 9 of 24
    What do I mean by attacking the virus?
    China, S Korea and others not only quickly instituted mask wearing but aggressively identified and removed the infection from their society through aggressive testing and contact tracing.  If you were infected, they identified that then identified those you had infected and prevented the infectious from infecting others.  
    ...  We did none of that.  Instead we were told to hide in our houses and (eventually) behind masks -- which was an obviously ineffective strategy.

    The result?
    While we had 500,000 dead and a crashed & trashed economy
    China had less than 5,000 dead and a thriving economy

    But, I shouldn't complain:   I made $80K in the stock market off of our stupidity and ineptitude.

    As for hacking, we are following the same kind of ineffective, defense only strategy.
    If hackers want in, given enough motivation and time they will get in.  Saying the victim's lock wasn't big enough is simply victim blaming.
    ...  Until we stop the hackers, the hacking will continue.
    ...... Just as:  until we stop the virus, the deaths will continue.

    Hiding from either is, at best, a temporary, stop gap measure.  It will solve nothing.
    Okay. When you say “Attacking The Virus”, in my mind that sounds like physically attacking. I view contact tracing, testing, and masking to be defensive in nature. It sounds like we agree more than we disagree.

    I really disagree that we are following a defensive strategy on hacking, though. Up to now it looks to me like we have done absolutely nothing whatsoever about hacking. I have been feeling very angry that we keep getting attacked over and over and over again and nothing is being done about it. A big part of the problem is that companies have historically tried to keep quiet if they were hacked. I’m starting to feel like now we are starting to take this issue more seriously. I’m glad about the summit with the technology companies and I’m hoping that they have follow through and figure out some good solutions because all of this hacking needs to stop.
    watto_cobra
  • Reply 10 of 24
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.
    watto_cobra
  • Reply 11 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.


    That could all be remedied quickly and easily if we would only break down and spend 3/4's of Trillion dollars a year to defend our country!

    ...  Oh wait!   Never mind....
  • Reply 12 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
  • Reply 13 of 24
    gatorguygatorguy Posts: 24,176member
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    edited August 2021
  • Reply 14 of 24
    dewmedewme Posts: 5,328member
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.
    You have to look beyond the immediate past administration. The Obama administration was very proactive on cybersecurity and included direct interaction with industry and tech leaders, whether physically at the WH or at WH sponsored meetings like this one at Stanford (https://obamawhitehouse.archives.gov/issues/foreign-policy/cybersecurity/summit). Tim Cook took a hard stance against anything that the government was proposing that might impact Apple's privacy concerns. Skip ahead 4 plus years of "no-touch to low-touch" cyber security involvement from the WH, and now Biden jumped back in and picked up where Obama left off and with 4+ more years of constant cyber attack beatings that has left us where we are today.  

    If you read comments from this week's meeting from Michael Daniel (Obama's cyber coordinator and now president of the Cyber Threat Alliance) and from President Biden you will see that this week's meeting wasn't a kumbaya around the campfire with all of these executives suddenly stepping up to do the right thing and throw their money and talents at the problem. Yes, they stepped up, cha-ching, but the messaging from the government's side was very much that they've spent a decade or more waiting for industry to voluntarily set standards for cyber security and not enough has actually  happened. In other words, either you guys in the private sector help us really fix this or we'll impose mandatory requirements on you. That would not be in anyone's best interests, imho.

    Hey, this public-private sector cooperation is all good, but it has to translate into real actions. It's pretty apparent that most of the big tech companies are taking this very seriously. The money side of these businesses will have to come to terms with the longer term impacts to their businesses. They can't simply write a big check and go back to what they were doing. The same thing holds for the government and public sector side as well. All of this technology and the ability to produce the hard and soft wares needed to create it and maintain it without disruption from natural and man-made disasters is as vital a part of our critical infrastructure as are bridges, airports, seaports, and highways. If the infrastructure things that we can actually lay our eyes on are in as bad a shape as they appear to be, just imagine how bad shape the things that we cannot see are in.  
  • Reply 15 of 24
    nicholfdnicholfd Posts: 824member
    Anilu_777 said:
    Anyone ask BlackBerry? Yeah it’s Canadian but still - that’s their bread and butter. 
    I used to support 1000's of BlackBerry's globally, before the iPhone existed, and up until the iPhone made it history - total crap system (their software, servers, support, etc.)  But hey - they had a physical keyboard (and a trackball that always gummed up)!!!  The models with the 1/2" trackpad seemed to physically work ok.  But the software - they couldn't even keep time zones properly for EU/Asian countries.

    Blackberry also bought/further developed/sold QNX - an OS for cars, equipment, etc.

    Maybe you missed this recently (2021):  BlackBerry resisted announcing major flaw in software powering cars, hospital equipment - POLITICO
    watto_cobrajony0
  • Reply 16 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    edited August 2021
  • Reply 17 of 24
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    George, I can't make you read the articles I link, and yes I 100% get the news you've been trusting comes from Chinese-sanctioned sources. 

     In this case you really should read the link I provided. Biden says the Chinese Government hired them. It wasn't simply "Chinese people" acting on their own accord so I do believe you have misunderstood. 

    Here ya go. Read it this time.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack

    The Biden administration official said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit."

    Although the U.S. says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline – a major U.S. petroleum distribution network – to shut down temporarily, China's outright hiring of contract hackers is "distinct," the official said.

    Biden is not Trump, so let's give him the benefit of the doubt that he's not lying. With that in mind I'll ask you again: Your original comment sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against hackers who attack the US. Those hackers in this case are Chinese government hired with Chinese interests. So Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention? 

    Unless you're just here to troll us you'll try to make more of an effort to be honest and acknowledge sometimes the Chinese Government does bad things that invite a response. 

    edited August 2021 muthuk_vanalingam
  • Reply 18 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    gatorguy said:
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    George, I can't make you read the articles I link, and yes I 100% get the news you've been trusting comes from Chinese-sanctioned sources. 

     In this case you really should read the link I provided. Biden says the Chinese Government hired them. It wasn't simply "Chinese people" acting on their own accord so I do believe you have misunderstood. 

    Here ya go. Read it this time.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack

    The Biden administration official said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit."

    Although the U.S. says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline – a major U.S. petroleum distribution network – to shut down temporarily, China's outright hiring of contract hackers is "distinct," the official said.

    Biden is not Trump, so let's give him the benefit of the doubt that he's not lying. With that in mind I'll ask you again: Your original comment sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against hackers who attack the US. Those hackers in this case are Chinese government hired with Chinese interests. So Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention? 

    Unless you're just here to troll us you'll try to make more of an effort to be honest and acknowledge sometimes the Chinese Government does bad things that invite a response. 

    Yes, I had read such stuff at the time.  But, what was notable was that we never took any action of any sort against the Chinese government -- not even an official protest or investigation by any international body.  It was simply empty words that appeared to be speculative rather than verified and the fact that our allies were so wishy washy on it supported the speculative nature of it.

    Also, what was notable was the uproar over speculation that China could have been behind it versus years of Russian attacks that get mostly a yawn.   That points to the possibility that we're using it as a propaganda point.

    As for Biden:   I'm disappointed that he appears to be parroting Trump's international policies.  It could be that he's more afraid of ReTrumplicans than China (or Iran).

    BTW, I check Global Times for the same reason I check FauxNews -- to see what they are saying.   And, the change over the last 2-3 years has been dramatic.  At first, like American media once did, they gave Trumps lies legitimacy through false equivalency.   Now, they hit right back.  It's clear they would prefer to drop this "lab leak" nonsense.  But since we won't, then they won't and they're going full steam on the Ft Detrick theory.  Personally, I'm glad to see them standing up to the lies --not because I love China -- but it pains me to see my country so weak that it resorts to lies and propaganda.

  • Reply 19 of 24
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    George, I can't make you read the articles I link, and yes I 100% get the news you've been trusting comes from Chinese-sanctioned sources. 

     In this case you really should read the link I provided. Biden says the Chinese Government hired them. It wasn't simply "Chinese people" acting on their own accord so I do believe you have misunderstood. 

    Here ya go. Read it this time.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack

    The Biden administration official said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit."

    Although the U.S. says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline – a major U.S. petroleum distribution network – to shut down temporarily, China's outright hiring of contract hackers is "distinct," the official said.

    Biden is not Trump, so let's give him the benefit of the doubt that he's not lying. With that in mind I'll ask you again: Your original comment sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against hackers who attack the US. Those hackers in this case are Chinese government hired with Chinese interests. So Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention? 

    Unless you're just here to troll us you'll try to make more of an effort to be honest and acknowledge sometimes the Chinese Government does bad things that invite a response. 

    Yes, I had read such stuff at the time.  But, what was notable was that we never took any action of any sort against the Chinese government -- not even an official protest or investigation by any international body.  It was simply empty words that appeared to be speculative rather than verified and the fact that our allies were so wishy washy on it supported the speculative nature of it.

    Also, what was notable was the uproar over speculation that China could have been behind it versus years of Russian attacks that get mostly a yawn.   That points to the possibility that we're using it as a propaganda point.

    As for Biden:   I'm disappointed that he appears to be parroting Trump's international policies.  It could be that he's more afraid of ReTrumplicans than China (or Iran).

    BTW, I check Global Times for the same reason I check FauxNews -- to see what they are saying.   And, the change over the last 2-3 years has been dramatic.  At first, like American media once did, they gave Trumps lies legitimacy through false equivalency.   Now, they hit right back.  It's clear they would prefer to drop this "lab leak" nonsense.  But since we won't, then they won't and they're going full steam on the Ft Detrick theory.  Personally, I'm glad to see them standing up to the lies --not because I love China -- but it pains me to see my country so weak that it resorts to lies and propaganda.

    George, you're still 100% avoiding the question. If it is true as Biden says that China hired hackers to attack US interests is the appropriate response to it counter-cyberwarfare against Chinese interests and what Chinese targets do you think are appropriate to get their attention? I wouldn't have thought that too tough a question, especially considering how emphatically you said, and I quote: "These are cyber terrorists.  It's our government's job to take them out."

    One question at a time as I have one more after you answer this one.
    edited August 2021 muthuk_vanalingamwatto_cobra
  • Reply 20 of 24
    GeorgeBMacGeorgeBMac Posts: 11,421member
    gatorguy said:
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    George, I can't make you read the articles I link, and yes I 100% get the news you've been trusting comes from Chinese-sanctioned sources. 

     In this case you really should read the link I provided. Biden says the Chinese Government hired them. It wasn't simply "Chinese people" acting on their own accord so I do believe you have misunderstood. 

    Here ya go. Read it this time.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack

    The Biden administration official said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit."

    Although the U.S. says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline – a major U.S. petroleum distribution network – to shut down temporarily, China's outright hiring of contract hackers is "distinct," the official said.

    Biden is not Trump, so let's give him the benefit of the doubt that he's not lying. With that in mind I'll ask you again: Your original comment sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against hackers who attack the US. Those hackers in this case are Chinese government hired with Chinese interests. So Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention? 

    Unless you're just here to troll us you'll try to make more of an effort to be honest and acknowledge sometimes the Chinese Government does bad things that invite a response. 



    gatorguy said:
    gatorguy said:
    gatorguy said:
    dewme said:
    There is absolutely no new ground being covered here. President Biden's reminder that most of the moving parts, in terms of making these initiatives real, is firmly in the hands of the private sector is more than a little disconcerting. If you think the government hates spending money of maintenance and infrastructure as opposed to big new projects in certain voting districts, the private sector is even worse. There's nothing sexy or industry pundit or Wall Street investor inspiring about a big tech company narrowing their attack surface or hardening their servers against cyber security attacks.

    Hey, maybe I missed it in Tim Cook's last keynote, the 20 foot tall screen showing an animation of a bank vault door protecting our data slamming shut, or a slide about how many great engineers were working on software maintenance and refactoring core infrastructure code after having subjected the code to intensive third party security audits. It may have been stitched in the presentation with drooling slather about how many compute cores are on Apple's latest SoC or the performance benefits of unified memory. I sometimes nod off at the beginning those keynotes, you know, the part where Apple pats itself on its own back part with impressively big numbers and shows happy people surfing, swimming, staring at the Milky Way, or doing far more interesting things than we ever do, mostly because they have an Apple product in their lives, in their hand, or on their wrist.

    Face it, Apple, Google, Microsoft, Intel, local, state, and federal governments, etc., are no different than the rest of us when it comes to how we spend our money. We want new, we want shiny, we want slick, we want to impress ourselves and those around us. We want sprinkles on our ice cream and health care plans for our dogs. Things like maintenance, upkeep, grinding through the drudge and sludge to keep normal stuff working are decidedly uncool. No matter that we have entire neighborhoods whose basements fill with raw sewage every time it rains heavily because the residents who are driven from their stench filled homes can gaze upon the shiny new taxpayer subsidized professional football stadium off in the distance.

    When it comes to cyber security the government has been investing very heavily for more than a decade in things like creating PowerPoint presentations and creating working groups that spend a great deal of time describing, but not actually doing, the work that needs to be done. Who could not be impressed with the presentations and launching of initiatives. This one is probably as nice as any of them and could easily have been reused in President Biden's latest meeting (https://www.nist.gov/system/files/documents/cyberframework/critical_infrastructure_cybersecurity.pdf). Just roll all the dates forward, add some new transition effects, order fresh donuts and bagels ... and maybe some pumpkin spice lattes, even though some of us, myself included, have no time in our lives for anything "pumpkin spice" before October, okay maybe late September if you're north of 41 degrees latitude, say in BlackBerry and poutine country.

    I don’t remember hearing about cyber security initiatives in the past. I don’t remember all of these technology company heads coming to the White House to discuss the cyber security threats and how to prevent them. To me it sounds like we finally might be taking the threat seriously.

    Yeh, taking it seriously is a good first step.   Kudos for that!  (It's long past due!) 
    But all these companies can do is play defense.   These are cyber terrorists.  It's our government's job to take them out.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack
    Suggestion? It sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against Chinese interests.
    Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention?
    My understanding is that it wasn't China but Chinese people -- big difference -- unless you're a China hater or a racist.
    Or just trolling.

    George, I can't make you read the articles I link, and yes I 100% get the news you've been trusting comes from Chinese-sanctioned sources. 

     In this case you really should read the link I provided. Biden says the Chinese Government hired them. It wasn't simply "Chinese people" acting on their own accord so I do believe you have misunderstood. 

    Here ya go. Read it this time.
    https://www.npr.org/2021/07/19/1017844801/biden-administration-accuses-china-microsoft-hack

    The Biden administration official said that China's Ministry of State Security employed criminal contract hackers "to conduct unsanctioned cyber operations globally, including for their own personal profit."

    Although the U.S. says criminal gangs of hackers with links to Russian intelligence carried out such audacious ransomware attacks as the one that caused Colonial Pipeline – a major U.S. petroleum distribution network – to shut down temporarily, China's outright hiring of contract hackers is "distinct," the official said.

    Biden is not Trump, so let's give him the benefit of the doubt that he's not lying. With that in mind I'll ask you again: Your original comment sounds as tho you'd be good, better than good in fact, with counter-cyberwarfare against hackers who attack the US. Those hackers in this case are Chinese government hired with Chinese interests. So Chinese technology, infrastructure like dams and electricity, financial systems would all be appropriate targets to get their attention? 

    Unless you're just here to troll us you'll try to make more of an effort to be honest and acknowledge sometimes the Chinese Government does bad things that invite a response. 

    Yes, I had read such stuff at the time.  But, what was notable was that we never took any action of any sort against the Chinese government -- not even an official protest or investigation by any international body.  It was simply empty words that appeared to be speculative rather than verified and the fact that our allies were so wishy washy on it supported the speculative nature of it.

    Also, what was notable was the uproar over speculation that China could have been behind it versus years of Russian attacks that get mostly a yawn.   That points to the possibility that we're using it as a propaganda point.

    As for Biden:   I'm disappointed that he appears to be parroting Trump's international policies.  It could be that he's more afraid of ReTrumplicans than China (or Iran).

    BTW, I check Global Times for the same reason I check FauxNews -- to see what they are saying.   And, the change over the last 2-3 years has been dramatic.  At first, like American media once did, they gave Trumps lies legitimacy through false equivalency.   Now, they hit right back.  It's clear they would prefer to drop this "lab leak" nonsense.  But since we won't, then they won't and they're going full steam on the Ft Detrick theory.  Personally, I'm glad to see them standing up to the lies --not because I love China -- but it pains me to see my country so weak that it resorts to lies and propaganda.

    George, you're still 100% avoiding the question. If it is true as Biden says that China hired hackers to attack US interests is the appropriate response to it counter-cyberwarfare against Chinese interests and what Chinese targets do you think are appropriate to get their attention? I wouldn't have thought that too tough a question, especially considering how emphatically you said, and I quote: "These are cyber terrorists.  It's our government's job to take them out."

    One question at a time as I have one more after you answer this one.

    I didn't avoid anything.
    I pointed out that any evidence to that effect must have been pretty weak because, not only did we not follow up with anything against China (just jaw boning), but our allies gave a whimpy response as well.

    In addition, it later came out that it wasn't just Chinese who did the hacking but many hackers from all over the world.

    As we have seen, with the U.S.:   complaining about China seems to come pretty easy.  It's the evidence to back it up that's hard.

    Not to distract from your point, but as an example:  There's a faction of our intelligence services claiming that the virus escaped from a lab in Wuhan.  Yet, not only does China seem to actually have more evidence pointing the finger at Ft Detrick, when their allegations were looked into, (rumor has it) that the evidence was wanting --  just as it has been for Huawei and their CFO who's been held prisoner in Canada.
Sign In or Register to comment.