[Dailydave] Howard Schmidt

Dave Aitel dave at immunityinc.com
Fri May 18 10:01:26 EDT 2012 

"As for getting into the power grid, I can't see that that's realistic,"
Schmidt said. <http://www.wired.com/threatlevel/2010/03/schmidt-cyberwar/>


Likewise as that Threat Point article from the start of his time in the
White House points out: 


"People have to recognize that when we close the door and go home, we
are just normal netizens like anyone else," Schmidt said. "I've been in
the internet from the very beginning. We don't want to see it changed to
where it is no longer available and we don't have the ability to do
things *anonymously* as we choose to in certain realms."


Also in that article you can see the initial tension between the NSA and
the office of the Cyber Security Coordinator. And the last few weeks
have been dominated by the NSA and White House togethertrying (and
failing)
<http://www.whitehouse.gov/blog/2012/01/26/legislation-address-growing-danger-cyber-threats?utm_source=related>to
push forward legislation that regulates the security of critical
infrastructure (such as the power grid).


But Schmidt's dream was always elsewhere - in the role of human identity
and the internet. And you can see it in his trusted identities strategy
<http://www.whitehouse.gov/blog/2010/06/25/national-strategy-trusted-identities-cyberspace>.
This also is where I see the largest influence from his Microsoft days,
from the days the technologies Passport and CardSpace (remember them?)
looked "promising".


But trusted identities is not necessarily where people want to go, even
if it helps security in some way (or enables rather revolutionary things
like Internet voting). And aside from a few favored vendors who wanted
to make money implementing an identity scheme for every American, you
don't see a groundswell of support.


Keep in mind that we have Aurora and the associated rise of "APT",
Wikileaks, and the public hacking of various water utilities
<http://news.cnet.com/8301-27080_3-57330029-245/dhs-denies-report-of-water-utility-hack/>
during his time in office. Also during his time America and Russia and
China
<http://www.huffingtonpost.com/2012/05/07/china-us-vow-cooperation-cybersecurity_n_1498245.html>
have connected on CyberSecurity more than you may have thought they
would.  Most of what a Cyber Security Czar does is shrouded in secrecy,
so it's hard to truly say what Howard's legacy will be, but it's
probably safe to say a new identity management policy for the entire
country will not be it.


-dave


-- 
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20120518/008c2ea9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20120518/008c2ea9/attachment.sig>

More information about the Dailydave mailing list