Of Cryptography and UK Trolls and Yes, the Mooch

Tom Bossert apparently has a law degree from Georgetown. He is President Trump’s Homeland Security Advisor, and was Deputy Homeland Security Advisor in Bush 43’s administration when Bossert was barely 30 years old. His main responsibility nowadays revolves around cybersecurity, and his focus is on issues related to cybersecurity.

Tom Bossert also is the guy who got sucked in by some dude (perhaps gal but I'll bet it's a guy) in the UK who seems to be a sort of mischievous troll who poses as someone else and exchanges emails on the basis of that. In Bossert's case, the UK troll pretended to be Jared Kushner, and Bossert fell for it, even offering his personal email to the UK troll.

Yes, at first blush it's hilarious to read about Bossert accepting fake Jared's invitation to a "soiree" with even better food than what they shared in Iraq. But if someone charged with managing the nation's issues of cybersecurity can be hacked so easily, what does that say about your average person's ability to be wise when using their device and communicating with unknown parties. Which strictly speaking means almost anyone except perhaps your boss over there in the corner who just sent you an angry email about that project you're behind on. And even that could be someone in your office looking to play a malicious trick.

In other words, what does it mean to know someone online? To be reasonably sure that an internet identity is genuine and that communication with that entity is securely encrypted?

Look, with Russian and other hacking gangs that seem to inhabit the intersection between criminality, espionage, and even terrorism, it is a stroke of luck that this hacker was rather non-malignant. But it raises the question of how many times malignant hackers have breeched supposedly secure communications. And not just in the case of Hillary Clinton's homebrew server.

This might seem a tad techno-dystopian - especially coming from a techklutz like me - but cryptography should be a standard part of STEM and even the humanities in some form. We should be doing a much better job of raising the base level knowledge regarding cybersecurity on the part of all citizens in America and abroad as well. It's as important as the focus on Science and Engineering in the 50's through the 70's when the Space Race with the Soviet Union was an immediate and overwhelming concern.

We need the same focus nowadays, perhaps on a more local scale, in education across the country in order for America to meet the challenges from rivals like China and Russia. Let classrooms drip with boring theories (or at least their most basic forms) of cryptographic models. Let students whine to their parents about their crypto teacher in 10th grade. Yes in 10th grade. This should be top priority. And Tom Bosssert is a great example of why it should be.

The other guy sucked in by this UK Troll? The Mooch himself who apparently got into quite the argument with the troll. What a laugh, huh?

Posted by Keeley at August 2, 2017 12:46 PM
Comments
Comment #418915

What are you saying, Keeley? Are you promoting the idea of teaching cybersecurity to children? That’s a good idea. But, how and what are you going to teach?

I consider my comments on WatchBlog are the equivalent to my screaming out my front door. Sometimes it carries just as much value to scream out my front door, but there is much more tolerance here on WatchBlog for screaming out my front door into the internet.

I wouldn’t care to have my kids screaming out the front door in either environment. If you were going to teach anyone about cybersecurity it should be the parents. Parents can teach their children for free.

As with my front door into real life, I wouldn’t leave my cyber door hanging open 24/7 either. I often wonder why our snail mailbox can be held is such sanctity while the security of our e-mailbox is always under question?

What are we going to teach?

There is a security feature available that eliminates the need to have a password for every business you deal with. The technology is formulated to enable the buyer/customer/user to keep all their personal information on their own computer. The user’s computer sends the information, the vendor processes the information with the transaction, and then verifies the transaction was complete. No personal information is stored on the vendor side. This would simplify security immensely, thus making it easier to teach and understand.

Remember the last time you lost your wallet? It was your own fault, wasn’t it?

I think cyber security at the personal level is entirely too complicated. The requisite use of special characters and upper case ensures the password/username will be written down somewhere. That defeats the purpose, because identity theft is at the personal level also. Your kid’s tech savvy friend could happen onto that list and help himself much easier than someone hacking in through the internet.

There is a disconnect between personal responsibility and commerce on the internet. You hand over your personal information and expect everyone involved with your transaction to be responsible for it’s security.

An account number serves a purpose. Personal information associated with that account number is totally unnecessary. Why give up your personal information if you can’t protect it? You wouldn’t hand out your name, address and telephone number to the gas station attendant would you? No, just hand him cash.

Posted by: Weary Willie at August 2, 2017 2:01 PM
Comment #418916

My password is the last eight digits of “pi”

Posted by: Royal Flush at August 2, 2017 2:20 PM
Comment #418917

That would make it based in time!

Posted by: Weary Willie at August 2, 2017 2:41 PM
Comment #418918

Time

Posted by: Frank at August 2, 2017 3:53 PM
Comment #418919

4. a limited period or interval, as between two successive events:
a long time.


3. (sometimes initial capital letter) a system or method of measuring or reckoning the passage of time:
mean time; apparent time; Greenwich Time.


I believe your correction is ill timed.

Posted by: Weary Willie at August 2, 2017 3:56 PM
Comment #418920

So long as we have the Chamber of Commerce Corpocracy (GOP/DEM) running things we won’t have anything near real cyber security. The CofC likes the free market, everything should be up to be bought and sold, most everything has some value. I assume telemarketers trade in lists of email addr’s.

Real cyber security is very possible. But, you are still going to have the Clintonites who are interested in protecting their porn interludes or prying eyes of the public. Folks who hire cyber criminals to run their computer systems, and so on - - -

People are so willing to give up personal data for the asking. Some guy is running around now wanting the $80k back he gave to his supposed girl friend whom he had never met face to face. We could do 95% but you can’t fix stupid.

The CofC wins, u lose.

Posted by: Roy Ellis at August 2, 2017 4:12 PM
Comment #418928

I believe it’s TIME to say, this post makes no sense.

Posted by: Frank at August 2, 2017 9:54 PM
Comment #418935

Why don’t you explain yours and maybe we could see what the disconnect is.

Posted by: Weary Willie at August 3, 2017 6:33 AM
Comment #419323

Amazing article thanks or sharing..

Posted by: Android App Development Service at August 12, 2017 8:22 AM
Post a comment