Monday, November 10, 2008

DHS Blogger Roundtable

I found out through twitter that Martin Mckeay has a blog post “What would you ask the Department of Homeland Security Secretary?” on his Network Security Blog.. Boy, I’d love to participate in that session....

I tried to respond using the online form but it timed out and I think I lost my responses. I’ll do my best to reconstruct them from memory…

If I had a few moments with Michael Chertoff, the Secretary of the Department of Homeland Security I’d ask about the following subjects:

1. Einstein Program Goals
2. Trusted Internet Connection (TIC) Goals
3. Government/Commercial Cooperation
4. My Shoes

1. Einstein is essentially netflow data (session data) that is available at the DHS level by participating Departments/Agencies. Participation is now mandated by TIC but that is a different story. Session data has its usefulness but that value is severely limited. In addition to the publicized IDS-like additions coming in V2.0 what does the road-map hold for this project and why does the government not yet have a full packet capture capability (also mandated by TIC)?

2. TIC: Is the end goal of the TIC to classify all government networks (SIPR-like) or is it simply a more resilient network that is intended to function if the civilian internet is disabled? ((Yes this is an OMB Mandate but DHS is coordinating every aspect of the program so the line of questions related to TIC would be appropriate for DHS)). I love the requirement for SSL capture, decryption and monitoring - have the DHS lawyers provided any insight on how agencies can prepare and implement the appropriate policy at their levels? This requirement seems to go beyond the normal acceptable use and consent to monitoring statements covered in most policies today.

Some TIC References:
June 2008 Status Report
TICAP (TIC Access Provider) requirements matrix (excel file).

3. Government Cooperation with Civilian Entities: While not completely useless the current collaboration is at best ineffective, cumbersome and slow. Those who wish us harm are certainly not restrained in their sharing of information or tools. The collaboration on the side of the “good guys” needs to be enhanced, what are the plans of DHS to enable better collaboration between the Public and Private sectors? How can we help DHS?

4. My Shoes: Personally this just bugs the crap out of me. I fly every week. I am a “Cleared, Registered traveler” so I do enjoy the benefits of shorter security lines at DCA, but still this effort to take off my shoes every time is getting very, very old. I probably catch 1-2 elderly folks a quarter as they fall trying to remove their shoes. There has to be a more effective way of monitoring for illicit substances in my shoes than an x-ray of millions of stinky shoes. I’m sure we can find a more reasonable method to enable airline travel to continue to have the perception of being “safe”.

He’d probably laugh at me during the conversation but at least I’d come prepared to talk as long as he’d hear me!


No comments: