en-us https://www.intensedebate.com/users/4906 Comments by Moderator http://www.scmagazineus.com/SANS-finds-pros-overlooking-dangers-of-client-web-apps/article/148998/#IDComment34658046 The main report is here: <a href="http://www.sans.org/top-cyber-security-risks/" target="_blank">http://www.sans.org/top-cyber-security-risks/</a> Wed, 16 Sep 2009 09:59:06 +0000 http://www.scmagazineus.com/SANS-finds-pros-overlooking-dangers-of-client-web-apps/article/148998/#IDComment34658046 http://www.scmagazineus.com/Cybersecurity-report-update-set/article/128457/#IDComment16724563 SCMagazineUS.com reported that Melissa Hathaway was expected to present a report to Congress on March 10, based on statements set forth in the press. She did not present the report, nor was she expected to. We regret the error. Tue, 10 Mar 2009 21:45:01 +0000 http://www.scmagazineus.com/Cybersecurity-report-update-set/article/128457/#IDComment16724563 http://www.scmagazineus.com/Botnet-creator-pleads-guilty/article/112011/#IDComment2742041 Dave Dittrich wrote to say: I&#039;m a little shocked, and somewhat saddened by this news. If Mr. Milmont was alone in writing Nugache, and did so when he was in his late teens, he is obviously very intelligent, learns fast, and is a good programmer. He obviously spent a lot of time studying peer-to-peer protocols, object-oriented and client/server programming concepts, and used some attack tactics that I&#039;ve not seen before. From a technical perspective, what he accomplished is quite impressive. Bruce Schneier is right that, &quot;Prosecuting some kid in Wyoming isn&#039;t going to make a difference to international hacking groups,&quot; but I think the issue is more complex than that. This does not negate the fact that Mr. Milmont did admit to committing criminal acts and causing innocent people financial harm, nor that federal law enforcement has a responsibility to respond to victims of crimes and to uphold the laws. I wouldn&#039;t dare try to speak for Bruce, but I interpret his comment as suggesting we need more and better research into preventive defenses and effective responses to achieve a deterrent against all levels of computer crime and cyber conflict directed at our nation, and I agree. What saddens me is that Mr. Milmont is the kind of young talent that I believe we need to encourage to get into the academic system, and to use their talents for good. For someone with such obvious skills at that age to decide that using their skills for criminal purposes, rather than helping improve the state of computer security in our country, is a waste. We need those talents, desperately, in the government and private sector. I look for people with these kind of skills to attract as students and keep around as research assistants. If an avenue for gaining reward and recognition for defending computers would have prevented his making the choices he did, I wish our society could find a way to provide that avenue. -- Dave Dittrich Thu, 3 Jul 2008 08:16:14 +0000 http://www.scmagazineus.com/Botnet-creator-pleads-guilty/article/112011/#IDComment2742041