Friday, March 7, 2008

我不得到尊敬 (I get no respect)

Finally, a computer security article on CNN that I enjoyed reading.

However, there is one line in the article bothers me. That line would be when James Mulvenon referred to Chinese hackers who break into sensitive US installations without being sanctioned to do so by the Chinese government as "useful idiots." That's why I ripped off a Rodney Dangerfield line to title this post ;-)

Personally, I understand how easily mis-configured systems and systems running bad code can be compromised. But by saying a bored "idiot" is all it takes to compromise the Pentagon, he is really slamming our own personnel and systems in place to protect these critical assets. In showing disrespect for our adversaries, we basically show disrespect for ourselves.

4 comments:

Anonymous said...

It may be useful for you to understand the meaning of the phrase "useful idiot." It refers to someone being unknowingly manipulated into acting for a government. Check out http://en.wikipedia.org/wiki/Useful_idiot

Anonymous said...

corporate appsec sucks, congrats! ;)

Mike Zusman said...

@anonymous(1) - Thanks for the link, and the motivation to start reading more than just technical books :-)

@anonymous(2) - Thanks!

S said...

smashing the stack for fun and profit? Motives aside, the point is that the intentions aren't the crux of the issue. Systems and applications must be secured against ANY threat, foreign or national, idiot or professional.