Web Security and New Media in Politics

FACT: The Obama presidential campaign has been lauded for innovative uses of the Web and social media, particularly for fundraising and volunteer recruitment.  But as PC World has just reported, “Two months after their Web site was hacked, the organizers of Barack Obama’s presidential campaign are looking for a network security expert to help lock down their Web site…. Security experts said this is the first time they can remember seeing a Web security job advertised for a political campaign.”

ANALYSIS:  I wrote before about my experience in 1994-95 helping build one of the Internet’s first political campaign websites – I designed the content and wrote much of it, for Mayor Frank Jordan of San Francisco.  (The pages were literally built and posted by mayoral son Thomas Jordan, by the way, who was then a college student at UC-Berkeley; he went on to great things at Pixar.)   At the time, with such a simple site, we didn’t have to worry much about security – or so we thought, and luckily the worst scandal in those early years involved domain-squatting by certain rival campaigns.

As PC World points out, though, “Obama’s Web site, built by Facebook cofounder Chris Hughes, has been the model of Web 2.0 campaigning, using social-networking techniques to raise funds and build a broad base of active, Internet-savvy supporters. But security experts have long warned that powerful Web site features also open new avenues for attack.”

Continue reading

A Roadmap for Innovation – from Center or the Edge?

Fact:   In marking its five-year anniversary earlier this month, the Department of Homeland Security released a fact sheet touting the department’s accomplishments in that time, including “establish[ing] the Computer Emergency Readiness Team (US-CERT) to provide a 24-hour watch, warning, and response operations center, which in 2007 issued over 200 actionable alerts on cyber security vulnerabilities or incidents. US-CERT developed the EINSTEIN intrusion detection program, which collects, analyzes, and shares computer security information across the federal civilian government. EINSTEIN is currently deployed at 15 federal agencies, including DHS, and plans are in place to expand the program to all federal departments and agencies.”

Analysis:  I’m not going to write, in this post at least, about US-CERT and EINSTEIN in particular. I will point out that some writers have been skeptical of “Big DHS” progress on cyber security up to now, and the anniversary was an occasion for much cynical commentary. 

cnet-news.jpgCharles Cooper in his popular Coop’s Corner blog on CNet wrote that “when it comes to network security, DHS appears to be more of a wet noodle than even its sharpest critics assumed… Talk with security consultants and former government officials involved with DHS and you come away wondering what these folks do all day.”

Continue reading

%d bloggers like this: