[Log In] []

Exploring the science and magic of Identity and Access Management
Sunday, November 17, 2024

Are InfoSec Vendors Crying Wolf?

Information Security
Author: Mark Dixon
Wednesday, August 18, 2010
10:10 pm

imageRobert Mullins posted an interesting article this week highlighting the tension between people who warn of impending danger from information security threats …

“Mark Bregman, chief technology officer of security company Symantec … spoke at the first-ever NASA IT Summit and said the space agency is ideally suited to promote global cooperation among nations on cybersecurity. … ‘There’s an urgent need for diplomacy to kick start international cooperation on cybersecurity,’ Bregman said.”

and people who think InfoSec vendors are just fear mongers seeking to sell products …

”comments that followed Montalbano’s story suggested Bregman was hyping the threat for the sake of Symantec sales. “See, Symantec created the panic so as to sell its products,” wrote one. “If Symantec is not the one starting all the cybersecurity mess, the whole world would be much more peaceful,” wrote another.”

As an employee of an vendor of InfoSec software, as a student of the technology of security and as a private citizen concerned about the potential for international terrorism, I tend to side with those who point out our immense vulnerability.  I hope that our technology can help combat the real-world threats that exist.

I hope the world is not lulled to passive inactivity by those who are skeptical of such threats.

Comments Off on Are InfoSec Vendors Crying Wolf? . Permalink . Trackback URL
 

Encryption Games at the Cyber Command

General
Author: Mark Dixon
Thursday, July 15, 2010
7:05 pm

It is was fitting today that as I studied the subject of encryption in preparation for my CISSP exam, I stumbled upon information about the newly-formed United States Cyber Command, a US armed forces sub-command subordinate to United States Strategic Command. The command was officially activated May 21, 2010 and is slated to reach fully operational readiness by October 2010.

The Cyber Command:

“ … plans, coordinates, integrates, synchronizes and conducts activities to direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

Defense Secretary Robert Gates, stated in the official June 23rd announcement:

“Cyberspace and its associated technologies offer unprecedented opportunities to the United States and are vital to our nation’s security and, by extension, to all aspects of military operations. Yet our increasing dependency on cyberspace, alongside a growing array of cyber threats and vulnerabilities, adds a new element of risk to our national security. To address this risk effectively and to secure freedom of action in cyberspace, the Department of Defense requires a command that possesses the required technical capability and remains focused on the integration of cyberspace operations.”

OK.  This sounds like a good thing to do.  But what was really intriguing and fitting for me today was to learn that the command’s handsome new emblem contains an encrypted message its inner gold ring: 9ec4c12949a4f31474f299058ce2b22a.

image

Can you figure out what it means?  The Wikipedia article for the command states:

“The text "9ec4c12949a4f31474f299058ce2b22a", which is located in the command’s emblem, is the MD5 hash of their mission statement.”

This is consistent with a statement from a command spokesman quoted in an article by John Cook of Yahoo! News.  However, something is not quite right.  John explained:

“We tried encrypting that entire statement using an MD5 hash generator, and we didn’t get a match to the logo code. So it looks like just a portion of the statement has been encoded.”

Wired Magazine has launched a contest to see who can crack to code.  Can you do it?  You can win a t-shirt from Wired or a ticket to the International Spy Museum.

Even better, rumor has it that the Cyber Command wants to hire 1,000 new cyber specialists over the next few years.  Maybe this game is part of the recruitment process.

Or … maybe this will remain another obscure mystery destined to someday being mentioned in a novel by Dan Brown.

Comments Off on Encryption Games at the Cyber Command . Permalink . Trackback URL
 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.