Wednesday, March 07, 2012

I was wrong, wrong, wrong, about McCain

You'd think that politics has nothing to do with cybersecurity, but it does. You can often guess a person's political leanings by their opinions on cybersecurity.

For example, I'm a Libertarian. Because of this, I oppose concepts like "defense in depth". I claim that "the Internet is secure enough", and that "cybersecurity is a tradeoff". These things just flow unsurprisingly from the Libertarian way of looking at the world.

Therefore, I assumed McCain would be better than Obama at helping cybersecurity regulation. McCain talked about the old nasty telcoms regulation that stifled early Internet growth. He demonstrated understanding of the way laws killed innovation,. even though he didn't understand the Internet itself. Conversely, Obama preached how government was going to change the Internet for the better. I think think government can do little to make the Internet better, but can inadvertently do much to make things much worse, so I endorsed McCain. A fatuous thing to do, of course, but since Google endorsed Obama, I went ahead with it.

But the reverse happened. Obama has been largely "hands-off" on the Internet, letting the DHS, NSA, and DoD fight their turf war to see who'd get control of cyberspace. Meanwhile, McCain has been pushing exactly the sort of legislation I feared most, such as his recently introduced cybersecurity bill, described by some as "Orwellian" the way it gives government control over the Internet. McCain was also one of the chief sponsors of the NDAA amendment that authorizes the president to suspend habeas corpus (not precisely cybersec related, but something every cybersec person I know opposes). [My libertarian friends chide me, pointing out that McCains attacks on free-speech in the past demonstrated that he didn't really believe in civil liberties, so that I should've known.]

So I was wrong about McCain, so very very wrong.


Jess said...

Hey don't feel bad. I was wrong about him too, for this and for similar reasons. I actually imagined his years as a POW would have encouraged him to stop the awful extrajudicial crap (and he had hinted such during the campaign), but recently he's cosponsored bills to send even USA citizens to Gitmo without court hearings.

I think the problem is he's just gotten old. I doubt the Sen. McCain of 2000 would have run the pathetic campaign we saw in 2008. I strongly suspect he could have beaten Obama with three simple words: "I oppose TARP." That would have taken stones, and at that point he was more worried about his daughter's "career".

Anonymous said...

"You'd think that politics has nothing to do with cybersecurity"

But but but power is political. Security involves control, control is power, it therefore is political, nein?

Anonymous said...

European Network and information Security Agency (ENISA)

Stock taking questionnaire for an Inventory of Information Security sources

March 2012

The Agency has launched a stock taking exercise , using a questionnaire to establish an Inventory of publicly available sources on Information Security. Using already existing information in an aggregated format will lead to faster assessments with less effort.

Therefore, collection and aggregation of existing data and sources is an effective tool to raise information security.

A main objective of this work is to include publicly available information on information security risks and opportunities, to be used in all upcoming assessments. The result of the stock-taking exercise/questionnaire is an online inventory.

In the framework of the Agency’s work on “Identifying and Responding to the Evolving Threat Environment” in 2012, ENISA assesses emerging risks and opportunities. This forward-looking activity is an essential step to address future information security challenges. Collection and aggregation of existing quantitative data is a long-term objective that will be refined in future versions of the Agency Work Programme.

The questionnaire is among other things looking at organisational issues, security risks, opportunities, and security trends.

How to contribute?

Fill in the stock-taking questionnaire