Thursday, November 30, 2006

DOD Report to Detail Dangers of Foreign Software

A U.S. Department of Defense task force early next year plans to warn the Pentagon of a growing threat to national security from adversaries who could insert malicious code in software developed overseas.

The possibility that programmers might hide Trojan horses, trapdoors and other malware inside the code they write is hardly a new concern. But the DSB will say in its report that three forces — the greater complexity of systems, their increased connectivity and the globalization of the software industry — have combined to make the malware threat increasingly acute for the DOD.

“The problem is we have a strategy now for net-centric warfare — everything is connected. And if the adversary is inside your network, you are totally vulnerable,” said Lucky, who is an independent IT consultant and engineer.

“This is a major concern, but not just when it goes offshore,” Pescatore said. He called the focus on offshore developers “xenophobia” but said the software security concerns raised by the DOD should serve as a useful wake-up call for all organizations that buy software.

Ira Winkler, author of the book Spies Among Us (Wiley, 2005), a former analyst at the National Security Agency and a Computerworld columnist, said that the kinds of measures outlined by Lucky may be useful but that there is a much more obvious step.

“If there is one line of code written overseas, that’s one line too many,” Winkler said.

Comment
The DOD report is due out in January 2007, a few weeks from now.

What do you think will be the recommendations to secure the software that America uses? Do you think it will be a politically correct suggestion that everything is ok and for us not to worry or do you think they will be truthful and require much more development in the United States by Americans? American industry that drove tens of millions of American programming jobs offshore and also brought in thousands of H1B temporary immigrants is providing there only study, which will probably tell us offshoring is good for America and is safe.

Watch out for the DOD and the industry studies and review them. America's security is at risk.

posted by God Bless America - Bob @ 5:43 PM

0 Comments:

Post a Comment

<< Home